In one of my projects, I had a requirement to call a web service
which was a REST service and I had to POST XML content to the web
service. The web service URL demanded to query parameters though and the
service only wanted a XML to be POSTed.
The service was Certificate SSL secured with HTTPs basic authentication.
So here are the steps which I did using Oracle Service Bus.
Firstly, I went to the UNIX box the ran the below command to load the certificate from the web service.
I used the openssl utility to load the certificate. Other option is any browser to do the same. The certificates nature vary from being a chain of certificates being CA signed or a single self- signed certificate. In my case it turned out to be a single self signed certificate.
Here is the command -
openssl s_client -connect host:port | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /..../somename.cert
Once the certificate was loaded. I had to loaded it up into the keystore of weblogic. To load it, I used the keytool utility.
Loading into the Java Keystore -
keytool -import -trustcacerts -keystore /appl/oracle/dev/fmw/11g/java/jrockit-jdk1.6.0_81/jre/lib/security/cacerts -noprompt -alias somealias -file somename.cert
Loading into the Default weblogic demoTrust keystore. Note, for production, it can be the Custom Trust store.
keytool -import -trustcacerts -keystore /appl/oracle/dev/fmw/11g/product/wlserver_10.3/server/lib/DemoTrust.jks -noprompt -alias somealias -file somename.cert
and the work for the certificate part was done.
Now, since the service was HTTPs basic authentication secured too, so an OSB Service Account was used to provide a static username and password and associate it with the Business Service.
After create the Business Service, I had too only put the XML content in the Request panel and the work was done.
The service was Certificate SSL secured with HTTPs basic authentication.
So here are the steps which I did using Oracle Service Bus.
Firstly, I went to the UNIX box the ran the below command to load the certificate from the web service.
I used the openssl utility to load the certificate. Other option is any browser to do the same. The certificates nature vary from being a chain of certificates being CA signed or a single self- signed certificate. In my case it turned out to be a single self signed certificate.
Here is the command -
openssl s_client -connect host:port | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /..../somename.cert
Once the certificate was loaded. I had to loaded it up into the keystore of weblogic. To load it, I used the keytool utility.
Loading into the Java Keystore -
keytool -import -trustcacerts -keystore /appl/oracle/dev/fmw/11g/java/jrockit-jdk1.6.0_81/jre/lib/security/cacerts -noprompt -alias somealias -file somename.cert
Loading into the Default weblogic demoTrust keystore. Note, for production, it can be the Custom Trust store.
keytool -import -trustcacerts -keystore /appl/oracle/dev/fmw/11g/product/wlserver_10.3/server/lib/DemoTrust.jks -noprompt -alias somealias -file somename.cert
and the work for the certificate part was done.
Now, since the service was HTTPs basic authentication secured too, so an OSB Service Account was used to provide a static username and password and associate it with the Business Service.
After create the Business Service, I had too only put the XML content in the Request panel and the work was done.
Hi Anurag,
ReplyDeletePls send the process, how can we configure this certificates in windows. I have to test HTTPS based service.
Thanks & Regards
Muddu Krishna
Hi Muddu,
DeleteHere I have used OpenSSL client to load the certificate. You can use a mozilla, IE or Chrome browser to load a certificate in a base - 64 coded form. Once you get the .cer file, you can use the java keytool as mentioned in my post, to load the certificate in the trust store , ie java trust store. and weblogic would refer to that configured java trust store when you intend to call the secured application through OSB.
is there any idea if we have proxy service with transport https
ReplyDeleteexposed as rest service from Oracle Service Bus
Delete