%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
Indianapolis mule soft_meetup_30_jan_2021 (1)
1. Indianapolis MuleSoft Meetup Group
Implementing One Way SSL and Two Way SSL
(Mutual Authentication) With MuleSoft
2. 2
Organizer
Ikram Mohamed
Integration Associate
OneAmerica
About the organizer:
Working as Integration Associate at OneAmerica.
Indianapolis MuleSoft Meetup Leader.
15+ Years of I.T Experience which includes 5+ years of
experience in Integrations and API Technologies.
Certified MuleSoft Integration Developer and Platform Architect.
3. 3
Speakers
Jitendra Bafna
Senior Solution Architect
Capgemini
About the speaker:
Working as Senior Solution Architect at Capgemini.
Surat MuleSoft Meetup Leader.
12.5+ Years of Experience in Integrations and API Technologies.
Certified MuleSoft Integration Architect and platform Architect.
4. Agenda
One Way SSL
Implementing One Way SSL With MuleSoft
Two Way SSL
Implementing Two Way SSL With MuleSoft
Live Demonstration on One Way SSL and Two Way SSL
Implementing HTTPS Proxy With MuleSoft
References
Trivia Quiz
1
2
3
4
5
6
7
8
5. One Way SSL
One way SSL only client verifies the server certificates. At the server end, there will be a Keystore
that will hold the private and public certificate of the server whereas, at the client end, there will be
a truststore that will hold the public certificate of the server.
Clients will send Hello and request for the resources on the secure HTTPS protocol.
The server will respond with its public certificate (.crt) and send Hello.
The client will verify the server public certificate in its truststore.
The client sends back symmetric session key generated using the server public certificate.
The server will decrypt the symmetric session key using its private certificate and send back
the encrypted session key to the client for establishing a secure connection.
7. One Way SSL
Generate Server Keystore with Private Key
keytool -genkey -alias mule-server -keysize 2048 -keyalg RSA -keystore C:/Certificates/server-keystore.jks
Export Public Key from Server Keystore
keytool -export -alias mule-server -keystore C:/Certificates/server-keystore.jks -file C:/Certificates/server_public.crt
Generate Client Truststore and import server public key
keytool -import -alias mule-client-public -keystore C:/Certificates/client-truststore.jks -file C:/Certificates/server_public.crt
8. Two Way SSL
Two way SSL client verifies the server certificates and the server verifies the client certificates.
At the server end, there will be a Keystore which will hold the private and public certificate of the
server and truststore which will hold the public certificate of client whereas, at the client end, there
will be a Keystore which will hold the private and public certificate of client whereas truststore
which will hold the public key of the server.
9. Two Way SSL
Clients will send Hello and request for the resources on the secure HTTPS protocol.
The server will respond with its public certificate (.crt) and send Hello.
The client will verify the server public certificate in its truststore.
The client sends back symmetric session key generated using the server public certificate.
The server will decrypt the symmetric session key using the server private certificate and
request for the client certificate.
The client will send its public certificate to the server and the server will verify the client public
certificate in the server truststore.
The server will generate a session key and encrypt using the client public certificate and send it
to the client.
The client will decrypt the session key using client private certificate and this way the key
exchange between client and server. It will establish secure communication between client and
server.
13. Implementing HTTPs Proxy With MuleSoft
API Proxy
(HTTPS)
Application
(HTTP)
Secret Manager
Keystore
Truststore
TLS Context
Client
Client Send Request To API
Proxy over HTTPS API Proxy will perform SSL
offloading and send request to
implementation API