What are steps to be followed to use HTTPS in http plugin activities using PKS key store type ?
Article ID: KB0085674
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | - |
| Not Applicable | - |
Description
Resolution:
1) Before running the example you need to create the ServerKeyStore, ClientKeyStore, server.cer and
client.cer files using the Java key tool (keytool.exe) which comes with JDK.
Following are the commands :-
keytool -genkey -v -keyalg RSA -keystore clientKeyStore
keytool -genkey -v -keyalg RSA -keystore serverKeyStore
keytool -export -v -file server.cer -keystore serverKeyStore
keytool -export -v -file client.cer -keystore clientKeyStore
2) In the BW project, create a shared HTTP connection and Enable "Use Secure Socket(HTTPS)".Specify the
serverKeystore directory and the password( in this case "password").
3) Create a Trusted CA shared connection and import the "server.cer" file from the file system.
4) Create a http_client process and in the "Send HTTP request" process enable ""Use Secure Socket(HTTPS)"". Choose the already create "Trusted CA" shared connection.
5) Create a http_server process which uses the http shared connection resource.
Now if you run the http_server and http_client BW processes, the authentication will work with
server key store ( on the server side) and the server.cer in the form of Trusted CA shared resource
from the client side.
To enable the extra "Client Authorization" do the following :-
6) In the HTTP shared connection, enable "Client Authentication Required". Create a separate directory and store the "client.cer" file. Refer this directory in "Trusted Certificate location".
7) In the http_client process ("Send HTTP request") specify the directory where clientkeystore is located
in client Identity and specify the password in "Client Identity password".
For more details please refer the project file attached.
1) Before running the example you need to create the ServerKeyStore, ClientKeyStore, server.cer and
client.cer files using the Java key tool (keytool.exe) which comes with JDK.
Following are the commands :-
keytool -genkey -v -keyalg RSA -keystore clientKeyStore
keytool -genkey -v -keyalg RSA -keystore serverKeyStore
keytool -export -v -file server.cer -keystore serverKeyStore
keytool -export -v -file client.cer -keystore clientKeyStore
2) In the BW project, create a shared HTTP connection and Enable "Use Secure Socket(HTTPS)".Specify the
serverKeystore directory and the password( in this case "password").
3) Create a Trusted CA shared connection and import the "server.cer" file from the file system.
4) Create a http_client process and in the "Send HTTP request" process enable ""Use Secure Socket(HTTPS)"". Choose the already create "Trusted CA" shared connection.
5) Create a http_server process which uses the http shared connection resource.
Now if you run the http_server and http_client BW processes, the authentication will work with
server key store ( on the server side) and the server.cer in the form of Trusted CA shared resource
from the client side.
To enable the extra "Client Authorization" do the following :-
6) In the HTTP shared connection, enable "Client Authentication Required". Create a separate directory and store the "client.cer" file. Refer this directory in "Trusted Certificate location".
7) In the http_client process ("Send HTTP request") specify the directory where clientkeystore is located
in client Identity and specify the password in "Client Identity password".
For more details please refer the project file attached.
Issue/Introduction
What are steps to be followed to use HTTPS in http plugin activities using PKS key store type ?
Attachments
Feedback
Yes
No
Powered by
