HTTPS-Mule

Introduction

Mule provides out of the box supports for HTTPS. Here in this post I am going to explain how to create a simple HTTPS server and access it.

Before we begin

Before we begin, let’s understand a little bit about Keystore and Truststore.

Keystore: In short Keystore is a server side asset which stores the private keys and the certificates with their public/private keys.

Truststore: Truststore is a client side asset which serves as a repository of certificates (CA or simple) that the client should trust.

To know more about Keystore and Truststore please read this article.

Creating Keystore and Truststore

Let’s get our hands dirty now. The process is as follows,

  1. Create the Keystore and generate a certificate.
  2. Export the certificate.
  3. Import the certificate to the Truststore.

step 1

We will use the keytool that comes with Java. Please create a temporary directory somewhere in your drive.Now please open a terminal and navigate to the directory and execute the following command,

keytool -genkey -alias mule -keyalg RSA -keystore keystore.jks

On execution, it will ask keystore password and some general information. And at the end it will ask for the password of the key.Points to be noted ,

key: mule

keystore:  keystore.jks

keystore password:  keystorepass

key password: keystorepass

(Please feel free to use different passwords for keystore and key. I used the same password for the sake of simplicity). Here is a simple screenshot,

keystore
Create Keystore.

Step 2

The process above creates a keystore as well as a certificate. Now we have to export the certificate so that it can be added to the truststore as the trusted certificate. Now please execute the following command in the terminal,

keytool -export -alias mule -file client.cer -keystore keystore.jks

The key points here is to specify the key (mule) and the keystore (keystore.jks) we have created in the previous step. You can use any file name. Here I am calling it as client.cer. On executing it will ask for the password of the keystore.In our case it is keystorepass. Here is a screenshot,

certi
Create certificate.

Step 3

After creation of the certificate (client.cer) we will populate our truststore with it. So, let’s create a truststore. Please execute the following command in the terminal,

keytool -import -v -trustcacerts -alias mule -file client.cer -keystore truststore.ts

Important points to be noted here is the key (in our case it’s mule) , the certificate file (client.cer) and the name of the truststore (truststore.ts). On execution of the command, it will ask for password for the truststore being created. You can choose anything you want. I have chosen truststorepass for simplicity. Here is a screenshot,

truststore
Generate Truststore.

Okay, you are done with creation of Keystore and Truststore. Congrats. Now let’s move on to next steps.

Create a simple Mule project.

Let’s create the simplest mule project and the simplest flow. The scenario is as follows, “We have a HTTP server running on port 8081. On sending request to the server on the http://localhost:8081/app/ uri, it will call an HTTPS server running on port 8082″. That’s it. Here is a screenshot,

flow
Flow

HTTPS Server Configuration

I have copied the keystore and truststore to the resource/keystore directory of the project. Please check the screenshot,

project-structure
Project Structure.

Now let’s configure the flow HTTPS_Server_OneWaySSL. Here is the screenshot,

https
HTTPS

Do remember that in the Server we are using the keystore.

HTTPS Client Configuration

Now let’s configure the flow HTTPS_Client_OneWaySSL. 

http_client_general
HTTP Client configuration (General)
http_client_ssl
Http Client Configuration (SSL)

 

Remember that here in the client configuration we are using the truststore created.

Now execute the flow and make a request in the uri http://localhost:8081/app/. You should get a response from the HTTPS server running on 8082.

 

That’s it. Please find the source code here.

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s