Friday, February 19, 2016

WSO2 ESB Mutual SSL - Certificate exchange

We need to consider two scenarios here.

1. External system acts as a client to ESB.
     E.g. SOAP UI invoking an ESB proxy

2. External system is a server to ESB.
    E.g. ESB invoking an external service

The following image depicts all the certificate exchange steps needed to cater for the above scenarios.



Wednesday, February 17, 2016

How to import a private key into JKS

Let's take the following scenario, where you implement an application based on an asymmetric cipher (e.g. RSA). Assume you are responsible for the decryption part, where you have to use the given private key.




Probably you will get only the private key, or the private key and the certificate. I'm going to take the first case, assuming you have only the private key.

Note: assume the name of the private key file is private_key.pem

1. Create a certificate signing request using the given private key.
openssl req -new -key private_key.pem -out key_cert_r.csr
2. Get the certificate signed by an authorized party, or self-sign it.
Self-sign:
openssl x509 -req -days 365 -in key_cert_r.csr -signkey private_key.pem -out key_cert.crt
3. Generate a PKCS12 key store using the private key and the above certificate.
openssl pkcs12 -export -name alias -in key_cert.crt -inkey private_key.pem -out keystore.p12
4. Generate a Java key store from the above PKCS12 key store.
keytool -importkeystore -destkeystore tmp_keystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias alias

If you already have a Java key store configured within your application, merge the above tmp_keystore.jks into the existing key store.
keytool -importkeystore -destkeystore existing_keystore.jks -srckeystore tmp_keystore.jks
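
The four steps above as a non-interactive script, added here as an example and not part of the original post. It also checks that the certificate matches the private key before bundling, and that the imported alias is a PrivateKeyEntry. The function names, the --demo switch and the STOREPASS variable are assumptions of the example, and the private key is assumed to be unencrypted.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Alias, CN and STOREPASS are placeholders.
set -eu

# True only if the certificate carries the public half of the private key.
key_matches_cert() {   # key_matches_cert <private_key.pem> <cert.crt>
    kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    cpub=$(openssl x509 -in "$2" -pubkey -noout 2>/dev/null) || return 1
    [ -n "$kpub" ] && [ "$kpub" = "$cpub" ]
}

# Steps 1-3: CSR, self-signed certificate, PKCS12 bundle (password from $STOREPASS).
build_p12() (          # build_p12 <private_key.pem> <workdir> <alias>
    key=$1; dir=$2; name=$3
    : "${STOREPASS:?export STOREPASS first}"
    umask 077          # files holding the private key stay owner-only
    openssl req -new -key "$key" -subj "/CN=$name" -out "$dir/key_cert_r.csr" &&
    openssl x509 -req -days 365 -in "$dir/key_cert_r.csr" -signkey "$key" \
        -out "$dir/key_cert.crt" 2>/dev/null &&
    key_matches_cert "$key" "$dir/key_cert.crt" &&
    openssl pkcs12 -export -name "$name" -in "$dir/key_cert.crt" -inkey "$key" \
        -out "$dir/keystore.p12" -passout env:STOREPASS
)

# Step 4: import into a Java keystore, then confirm the alias holds a private key.
import_to_jks() (      # import_to_jks <workdir> <alias>
    dir=$1; name=$2
    keytool -importkeystore -noprompt -alias "$name" \
        -srckeystore "$dir/keystore.p12" -srcstoretype pkcs12 -srcstorepass:env STOREPASS \
        -destkeystore "$dir/tmp_keystore.jks" -deststorepass:env STOREPASS &&
    keytool -list -keystore "$dir/tmp_keystore.jks" -storepass:env STOREPASS \
        -alias "$name" | grep -q PrivateKeyEntry
)

# Demo on a throwaway key generated here: run the script with --demo.
if [ "${1:-}" = "--demo" ]; then
    export STOREPASS=demo-password-only
    work=$(mktemp -d)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$work/private_key.pem"
    build_p12 "$work/private_key.pem" "$work" alias
    import_to_jks "$work" alias
    echo "keystore written to $work/tmp_keystore.jks"
fi
```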

Sunday, February 7, 2016

SVN cheat sheet

This is not the place to learn SVN commands; I'm just creating this as a reference to some important commands.

Revert local file change

svn revert <file_name>

Take a diff between two revisions

svn diff -r <old_revision>:<new_revision>

Update to the latest revision

svn update "<path>"

Update to a specific revision

svn update -r <revision_number> "<path>"

Add new files/directories to track

svn add <file_name>|<directory_name>

Delete with a message

svn -m "<message>" delete "<path>"