Mule provides out of the box supports for HTTPS. Here in this post I am going to explain how to create a simple HTTPS server and access it.
Before we begin
Before we begin, let’s understand a little bit about Keystore and Truststore.
Keystore: In short Keystore is a server side asset which stores the private keys and the certificates with their public/private keys.
Truststore: Truststore is a client side asset which serves as a repository of certificates (CA or simple) that the client should trust.
To know more about Keystore and Truststore please read this article.
Creating Keystore and Truststore
Let’s get our hands dirty now. The process is as follows,
- Create the Keystore and generate a certificate.
- Export the certificate.
- Import the certificate to the Truststore.
We will use the keytool that comes with Java. Please create a temporary directory somewhere in your drive.Now please open a terminal and navigate to the directory and execute the following command,
keytool -genkey -alias mule -keyalg RSA -keystore keystore.jks
On execution, it will ask keystore password and some general information. And at the end it will ask for the password of the key.Points to be noted ,
keystore password: keystorepass
key password: keystorepass
(Please feel free to use different passwords for keystore and key. I used the same password for the sake of simplicity). Here is a simple screenshot,
The process above creates a keystore as well as a certificate. Now we have to export the certificate so that it can be added to the truststore as the trusted certificate. Now please execute the following command in the terminal,
keytool -export -alias mule -file client.cer -keystore keystore.jks
The key points here is to specify the key (mule) and the keystore (keystore.jks) we have created in the previous step. You can use any file name. Here I am calling it as client.cer. On executing it will ask for the password of the keystore.In our case it is keystorepass. Here is a screenshot,
After creation of the certificate (client.cer) we will populate our truststore with it. So, let’s create a truststore. Please execute the following command in the terminal,
keytool -import -v -trustcacerts -alias mule -file client.cer -keystore truststore.ts
Important points to be noted here is the key (in our case it’s mule) , the certificate file (client.cer) and the name of the truststore (truststore.ts). On execution of the command, it will ask for password for the truststore being created. You can choose anything you want. I have chosen truststorepass for simplicity. Here is a screenshot,
Okay, you are done with creation of Keystore and Truststore. Congrats. Now let’s move on to next steps.
Create a simple Mule project.
Let’s create the simplest mule project and the simplest flow. The scenario is as follows, “We have a HTTP server running on port 8081. On sending request to the server on the http://localhost:8081/app/ uri, it will call an HTTPS server running on port 8082″. That’s it. Here is a screenshot,
HTTPS Server Configuration
I have copied the keystore and truststore to the resource/keystore directory of the project. Please check the screenshot,
Now let’s configure the flow HTTPS_Server_OneWaySSL. Here is the screenshot,
Do remember that in the Server we are using the keystore.
HTTPS Client Configuration
Now let’s configure the flow HTTPS_Client_OneWaySSL.
Remember that here in the client configuration we are using the truststore created.
Now execute the flow and make a request in the uri http://localhost:8081/app/. You should get a response from the HTTPS server running on 8082.
That’s it. Please find the source code here.