SlideShare ist ein Scribd-Unternehmen logo

Indianapolis mule soft_meetup_30_jan_2021 (1)

Als PPTX, PDF herunterladen
I
ikram_ahamed

Indianapolis Meetup #2 -- Oneway-Twoway SSL

Software
1 von 17
Indianapolis MuleSoft Meetup Group Implementing One Way SSL and Two Way SSL (Mutual Authentication) With MuleSoft
2 Organizer Ikram Mohamed Integration Associate OneAmerica About the organizer:  Working as Integration Associate at OneAmerica.  Indianapolis MuleSoft Meetup Leader.  15+ Years of I.T Experience which includes 5+ years of experience in Integrations and API Technologies.  Certified MuleSoft Integration Developer and Platform Architect.
3 Speakers Jitendra Bafna Senior Solution Architect Capgemini About the speaker:  Working as Senior Solution Architect at Capgemini.  Surat MuleSoft Meetup Leader.  12.5+ Years of Experience in Integrations and API Technologies.  Certified MuleSoft Integration Architect and platform Architect.
Agenda One Way SSL Implementing One Way SSL With MuleSoft Two Way SSL Implementing Two Way SSL With MuleSoft Live Demonstration on One Way SSL and Two Way SSL Implementing HTTPS Proxy With MuleSoft References Trivia Quiz 1 2 3 4 5 6 7 8
One Way SSL One way SSL only client verifies the server certificates. At the server end, there will be a Keystore that will hold the private and public certificate of the server whereas, at the client end, there will be a truststore that will hold the public certificate of the server.  Clients will send Hello and request for the resources on the secure HTTPS protocol.  The server will respond with its public certificate (.crt) and send Hello.  The client will verify the server public certificate in its truststore.  The client sends back symmetric session key generated using the server public certificate.  The server will decrypt the symmetric session key using its private certificate and send back the encrypted session key to the client for establishing a secure connection.
One Way SSL
One Way SSL Generate Server Keystore with Private Key keytool -genkey -alias mule-server -keysize 2048 -keyalg RSA -keystore C:/Certificates/server-keystore.jks Export Public Key from Server Keystore keytool -export -alias mule-server -keystore C:/Certificates/server-keystore.jks -file C:/Certificates/server_public.crt Generate Client Truststore and import server public key keytool -import -alias mule-client-public -keystore C:/Certificates/client-truststore.jks -file C:/Certificates/server_public.crt
Two Way SSL Two way SSL client verifies the server certificates and the server verifies the client certificates. At the server end, there will be a Keystore which will hold the private and public certificate of the server and truststore which will hold the public certificate of client whereas, at the client end, there will be a Keystore which will hold the private and public certificate of client whereas truststore which will hold the public key of the server.
Two Way SSL  Clients will send Hello and request for the resources on the secure HTTPS protocol.  The server will respond with its public certificate (.crt) and send Hello.  The client will verify the server public certificate in its truststore.  The client sends back symmetric session key generated using the server public certificate.  The server will decrypt the symmetric session key using the server private certificate and request for the client certificate.  The client will send its public certificate to the server and the server will verify the client public certificate in the server truststore.  The server will generate a session key and encrypt using the client public certificate and send it to the client.  The client will decrypt the session key using client private certificate and this way the key exchange between client and server. It will establish secure communication between client and server.
Two Way SSL
Two Way SSL Generate Server Keystore with Private Key keytool -genkey -alias mule-server -keysize 2048 -keyalg RSA -keystore C:/Certificates/server-keystore.jks Export Public Key from Server Keystore keytool -export -alias mule-server -keystore C:/Certificates/server-keystore.jks -file C:/Certificates/server_public.crt Generate Client Truststore and import server public key keytool -import -alias mule-client-public -keystore C:/Certificates/client-truststore.jks -file C:/Certificates/server_public.crt Generate Client Keystore with Private Key keytool -genkey -alias mule-client -keysize 2048 -keyalg RSA -keystore C:/Certificates/client-keystore.jks Export the Public key from Client Keystore keytool -export -alias mule-client -keystore C:/Certificates/client-keystore.jks -file C:/Certificates/client_public.crt Generate Server Truststore and import client public key keytool -import -alias mule-server-public -keystore C:/Certificates/server-truststore.jks -file C:/Certificates/client_public.crt
Demonstration on implementing One Way SSL and Two Way SSL (Mutual Authentication) With MuleSoft
Implementing HTTPs Proxy With MuleSoft API Proxy (HTTPS) Application (HTTP) Secret Manager Keystore Truststore TLS Context Client Client Send Request To API Proxy over HTTPS API Proxy will perform SSL offloading and send request to implementation API
Demonstration on implementing HTTPs Proxy With MuleSoft
References ● https://docs.mulesoft.com/runtime-manager/anypoint-platform-cli-commands ● https://dzone.com/articles/enforcing-rate-limiting-policy-using-api-manager-a ● https://dzone.com/articles/enforcing-mulesoft-jwt-validation-policy-using-api ● https://www.youtube.com/playlist?list=PL5GwZHHgKcuDqJDLZ4ZylU_hpxommWq7d ● https://dzone.com/articles/anypoint-cli-with-mulesoft 15
Questions
Get ready to WIN a Special Gift from MuleSoft Community Quiz Time

Empfohlen

Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3
Alexandra N. Martinez
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
Nick Maludy
 
Kerberos
KerberosKerberos
Kerberos
Sudeep Shouche
 
Authentication without Authentication - Peerlyst meetup
Authentication without Authentication - Peerlyst meetupAuthentication without Authentication - Peerlyst meetup
Authentication without Authentication - Peerlyst meetup
Soluto
 
CIS 2015 OpenID Connect and Mobile Applications - David Chase
CIS 2015 OpenID Connect and Mobile Applications - David ChaseCIS 2015 OpenID Connect and Mobile Applications - David Chase
CIS 2015 OpenID Connect and Mobile Applications - David Chase
CloudIDSummit
 
Accessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) webAccessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) web
Felix Arntz
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices World
VMware Tanzu
 
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL CertificatesHashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Nick Maludy
 

Empfohlen

Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3Toronto MuleSoft Meetup: Virtual Meetup #3
Toronto MuleSoft Meetup: Virtual Meetup #3
Alexandra N. Martinez
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
Nick Maludy
 
Kerberos
KerberosKerberos
Kerberos
Sudeep Shouche
 
Authentication without Authentication - Peerlyst meetup
Authentication without Authentication - Peerlyst meetupAuthentication without Authentication - Peerlyst meetup
Authentication without Authentication - Peerlyst meetup
Soluto
 
CIS 2015 OpenID Connect and Mobile Applications - David Chase
CIS 2015 OpenID Connect and Mobile Applications - David ChaseCIS 2015 OpenID Connect and Mobile Applications - David Chase
CIS 2015 OpenID Connect and Mobile Applications - David Chase
CloudIDSummit
 
Accessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) webAccessing APIs using OAuth on the federated (WordPress) web
Accessing APIs using OAuth on the federated (WordPress) web
Felix Arntz
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices World
VMware Tanzu
 
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL CertificatesHashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Nick Maludy
 
Kerberos (1)
Kerberos (1)Kerberos (1)
Kerberos (1)
Ana Salas Elizondo
 
Microservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosMicroservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David Borsos
OpenCredo
 
Kerberos
KerberosKerberos
Kerberos
RafatSamreen
 
Server to Server API Security
Server to Server API SecurityServer to Server API Security
Server to Server API Security
Ganesh Ghag
 
SSL Certificate Conversion with OpenSSL
SSL Certificate Conversion with OpenSSLSSL Certificate Conversion with OpenSSL
SSL Certificate Conversion with OpenSSL
david_foland74
 
Building Apps with MySpace SDKs
Building Apps with MySpace SDKsBuilding Apps with MySpace SDKs
Building Apps with MySpace SDKs
MySpaceDevTeam
 
Introduction to vault
Introduction to vaultIntroduction to vault
Introduction to vault
Henrik Høegh
 
Kerberos Authentication Process In Windows
Kerberos Authentication Process In WindowsKerberos Authentication Process In Windows
Kerberos Authentication Process In Windows
niteshitimpulse
 
Credential store using HashiCorp Vault
Credential store using HashiCorp VaultCredential store using HashiCorp Vault
Credential store using HashiCorp Vault
Mayank Patel
 
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLCalicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
AnoopRamachandran13
 
The last picks
The last picksThe last picks
The last picks
Nafiur Rahman Tuhin
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
ReliqusConsulting
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
promediakw
 
Types of ssl commands and keytool
Types of ssl commands and keytoolTypes of ssl commands and keytool
Types of ssl commands and keytool
CheapSSLsecurity
 
IBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-DiveIBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-Dive
Morag Hughson
 
IBM Streams V4.1 and User Authentication with Client Certificates
IBM Streams V4.1 and User Authentication with Client CertificatesIBM Streams V4.1 and User Authentication with Client Certificates
IBM Streams V4.1 and User Authentication with Client Certificates
lisanl
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
Yousof Alsatom
 
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
MysoreMuleSoftMeetup
 
SSL Implementation - IBM MQ - Secure Communications
SSL Implementation - IBM MQ - Secure Communications SSL Implementation - IBM MQ - Secure Communications
SSL Implementation - IBM MQ - Secure Communications
nishchal29
 
SSL-image
SSL-imageSSL-image
SSL-image
Rajat Toshniwal
 
1205 bhat pdf-ssl
1205 bhat pdf-ssl1205 bhat pdf-ssl
1205 bhat pdf-ssl
Jamshoo Lakhani
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosMicroservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David Borsos
OpenCredo
 
Kerberos Authentication Process In Windows
Kerberos Authentication Process In WindowsKerberos Authentication Process In Windows
Kerberos Authentication Process In Windows
niteshitimpulse
 

Was ist angesagt? (9)

Kerberos (1)
Kerberos (1)Kerberos (1)
Kerberos (1)
 
Microservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosMicroservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David Borsos
 
Kerberos
KerberosKerberos
Kerberos
 
Server to Server API Security
Server to Server API SecurityServer to Server API Security
Server to Server API Security
 
SSL Certificate Conversion with OpenSSL
SSL Certificate Conversion with OpenSSLSSL Certificate Conversion with OpenSSL
SSL Certificate Conversion with OpenSSL
 
Building Apps with MySpace SDKs
Building Apps with MySpace SDKsBuilding Apps with MySpace SDKs
Building Apps with MySpace SDKs
 
Introduction to vault
Introduction to vaultIntroduction to vault
Introduction to vault
 
Kerberos Authentication Process In Windows
Kerberos Authentication Process In WindowsKerberos Authentication Process In Windows
Kerberos Authentication Process In Windows
 
Credential store using HashiCorp Vault
Credential store using HashiCorp VaultCredential store using HashiCorp Vault
Credential store using HashiCorp Vault
 

Ähnlich wie Indianapolis mule soft_meetup_30_jan_2021 (1)

Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
MysoreMuleSoftMeetup
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
webhostingguy
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
webhostingguy
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
Hai Nguyen
 

Ähnlich wie Indianapolis mule soft_meetup_30_jan_2021 (1) (20)

Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLCalicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
 
The last picks
The last picksThe last picks
The last picks
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
Types of ssl commands and keytool
Types of ssl commands and keytoolTypes of ssl commands and keytool
Types of ssl commands and keytool
 
IBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-DiveIBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-Dive
 
IBM Streams V4.1 and User Authentication with Client Certificates
IBM Streams V4.1 and User Authentication with Client CertificatesIBM Streams V4.1 and User Authentication with Client Certificates
IBM Streams V4.1 and User Authentication with Client Certificates
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
Securing the network communication using One-way SSL & Two-way SSL | MuleSoft...
 
SSL Implementation - IBM MQ - Secure Communications
SSL Implementation - IBM MQ - Secure Communications SSL Implementation - IBM MQ - Secure Communications
SSL Implementation - IBM MQ - Secure Communications
 
SSL-image
SSL-imageSSL-image
SSL-image
 
1205 bhat pdf-ssl
1205 bhat pdf-ssl1205 bhat pdf-ssl
1205 bhat pdf-ssl
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
 
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptxOralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptx
 
IBM MQ V8 Security
IBM MQ V8 SecurityIBM MQ V8 Security
IBM MQ V8 Security
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
 
WebLogic in Practice: SSL Configuration
WebLogic in Practice: SSL ConfigurationWebLogic in Practice: SSL Configuration
WebLogic in Practice: SSL Configuration
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 

Mehr von ikram_ahamed

Indianapolis mule soft_meetup_12_june_2021
Indianapolis mule soft_meetup_12_june_2021Indianapolis mule soft_meetup_12_june_2021
Indianapolis mule soft_meetup_12_june_2021
ikram_ahamed
 

Mehr von ikram_ahamed (6)

Indy_MuleSoft_Meetup_Sept_30 2 (1).pptx
Indy_MuleSoft_Meetup_Sept_30 2 (1).pptxIndy_MuleSoft_Meetup_Sept_30 2 (1).pptx
Indy_MuleSoft_Meetup_Sept_30 2 (1).pptx
 
Indianapolis_meetup_April-1st-2022.pptx
Indianapolis_meetup_April-1st-2022.pptxIndianapolis_meetup_April-1st-2022.pptx
Indianapolis_meetup_April-1st-2022.pptx
 
Indy meetup#7 effective unit-testing-mule
Indy meetup#7 effective unit-testing-muleIndy meetup#7 effective unit-testing-mule
Indy meetup#7 effective unit-testing-mule
 
Indianapolis mulesoft meetup_sep_11_2021
Indianapolis mulesoft meetup_sep_11_2021Indianapolis mulesoft meetup_sep_11_2021
Indianapolis mulesoft meetup_sep_11_2021
 
Indianapolis mule soft_meetup_12_june_2021
Indianapolis mule soft_meetup_12_june_2021Indianapolis mule soft_meetup_12_june_2021
Indianapolis mule soft_meetup_12_june_2021
 
Indianapolis mule soft_meetup_14_apr_2021-Review a complex Dataweave Transfor...
Indianapolis mule soft_meetup_14_apr_2021-Review a complex Dataweave Transfor...Indianapolis mule soft_meetup_14_apr_2021-Review a complex Dataweave Transfor...
Indianapolis mule soft_meetup_14_apr_2021-Review a complex Dataweave Transfor...
 

Kürzlich hochgeladen

%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 

Kürzlich hochgeladen (20)

WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 

Indianapolis mule soft_meetup_30_jan_2021 (1)

  • 1. Indianapolis MuleSoft Meetup Group Implementing One Way SSL and Two Way SSL (Mutual Authentication) With MuleSoft
  • 2. 2 Organizer Ikram Mohamed Integration Associate OneAmerica About the organizer:  Working as Integration Associate at OneAmerica.  Indianapolis MuleSoft Meetup Leader.  15+ Years of I.T Experience which includes 5+ years of experience in Integrations and API Technologies.  Certified MuleSoft Integration Developer and Platform Architect.
  • 3. 3 Speakers Jitendra Bafna Senior Solution Architect Capgemini About the speaker:  Working as Senior Solution Architect at Capgemini.  Surat MuleSoft Meetup Leader.  12.5+ Years of Experience in Integrations and API Technologies.  Certified MuleSoft Integration Architect and platform Architect.
  • 4. Agenda One Way SSL Implementing One Way SSL With MuleSoft Two Way SSL Implementing Two Way SSL With MuleSoft Live Demonstration on One Way SSL and Two Way SSL Implementing HTTPS Proxy With MuleSoft References Trivia Quiz 1 2 3 4 5 6 7 8
  • 5. One Way SSL One way SSL only client verifies the server certificates. At the server end, there will be a Keystore that will hold the private and public certificate of the server whereas, at the client end, there will be a truststore that will hold the public certificate of the server.  Clients will send Hello and request for the resources on the secure HTTPS protocol.  The server will respond with its public certificate (.crt) and send Hello.  The client will verify the server public certificate in its truststore.  The client sends back symmetric session key generated using the server public certificate.  The server will decrypt the symmetric session key using its private certificate and send back the encrypted session key to the client for establishing a secure connection.
  • 7. One Way SSL Generate Server Keystore with Private Key keytool -genkey -alias mule-server -keysize 2048 -keyalg RSA -keystore C:/Certificates/server-keystore.jks Export Public Key from Server Keystore keytool -export -alias mule-server -keystore C:/Certificates/server-keystore.jks -file C:/Certificates/server_public.crt Generate Client Truststore and import server public key keytool -import -alias mule-client-public -keystore C:/Certificates/client-truststore.jks -file C:/Certificates/server_public.crt
  • 8. Two Way SSL Two way SSL client verifies the server certificates and the server verifies the client certificates. At the server end, there will be a Keystore which will hold the private and public certificate of the server and truststore which will hold the public certificate of client whereas, at the client end, there will be a Keystore which will hold the private and public certificate of client whereas truststore which will hold the public key of the server.
  • 9. Two Way SSL  Clients will send Hello and request for the resources on the secure HTTPS protocol.  The server will respond with its public certificate (.crt) and send Hello.  The client will verify the server public certificate in its truststore.  The client sends back symmetric session key generated using the server public certificate.  The server will decrypt the symmetric session key using the server private certificate and request for the client certificate.  The client will send its public certificate to the server and the server will verify the client public certificate in the server truststore.  The server will generate a session key and encrypt using the client public certificate and send it to the client.  The client will decrypt the session key using client private certificate and this way the key exchange between client and server. It will establish secure communication between client and server.
  • 11. Two Way SSL Generate Server Keystore with Private Key keytool -genkey -alias mule-server -keysize 2048 -keyalg RSA -keystore C:/Certificates/server-keystore.jks Export Public Key from Server Keystore keytool -export -alias mule-server -keystore C:/Certificates/server-keystore.jks -file C:/Certificates/server_public.crt Generate Client Truststore and import server public key keytool -import -alias mule-client-public -keystore C:/Certificates/client-truststore.jks -file C:/Certificates/server_public.crt Generate Client Keystore with Private Key keytool -genkey -alias mule-client -keysize 2048 -keyalg RSA -keystore C:/Certificates/client-keystore.jks Export the Public key from Client Keystore keytool -export -alias mule-client -keystore C:/Certificates/client-keystore.jks -file C:/Certificates/client_public.crt Generate Server Truststore and import client public key keytool -import -alias mule-server-public -keystore C:/Certificates/server-truststore.jks -file C:/Certificates/client_public.crt
  • 12. Demonstration on implementing One Way SSL and Two Way SSL (Mutual Authentication) With MuleSoft
  • 13. Implementing HTTPs Proxy With MuleSoft API Proxy (HTTPS) Application (HTTP) Secret Manager Keystore Truststore TLS Context Client Client Send Request To API Proxy over HTTPS API Proxy will perform SSL offloading and send request to implementation API
  • 14. Demonstration on implementing HTTPs Proxy With MuleSoft
  • 15. References ● https://docs.mulesoft.com/runtime-manager/anypoint-platform-cli-commands ● https://dzone.com/articles/enforcing-rate-limiting-policy-using-api-manager-a ● https://dzone.com/articles/enforcing-mulesoft-jwt-validation-policy-using-api ● https://www.youtube.com/playlist?list=PL5GwZHHgKcuDqJDLZ4ZylU_hpxommWq7d ● https://dzone.com/articles/anypoint-cli-with-mulesoft 15
  • 17. Get ready to WIN a Special Gift from MuleSoft Community Quiz Time