Sending certificates to a REST web service

In this microlearning, we will dive into using certificates (both trust as client) when sending data to a REST web service. Building on concepts from a previous course, where we discussed sending certificates to a SOAP web service, we will now focus on applying that knowledge to REST services. If you need a refresher on certificates, feel free to review the earlier course linked below. By the end of this session, you will be able to configure eMagiz to send certificates securely when calling a REST web service.

Should you have any questions, please get in touch with academy@emagiz.com.

1. Prerequisites

• Intermediate knowledge of the eMagiz platform
• Basic knowledge of certificates. More information can be found here in the Novice course on the subject.

2. Key concepts

This microlearning centers around sending certificates when calling a REST Webservice.

• By certificates, we mean: A trustworthy document that is interchanged between parties to verify that both parties are whom they claim to be

In most cases, when you send a certificate to a REST service, we talk about sending a client certificate along with the REST service call. In some cases, however, the endpoint we call is not secured via a certificate chain containing a known CA. In those cases, we need to explicitly trust the party to whom we are sending data by placing data in the truststore.

In another microlearning, we will learn how to create the Keystore and truststore. The focal point of this microlearning is how you need to configure eMagiz correctly to make this work.

3. Sending certificates to a REST web service

This microlearning will teach us how to use certificates (both trust as client) when sending data to a REST web service. In a previous course, we introduced the concept of certificates and learned about sending certificates to a SOAP web service. If you need a refresher, please check out that course. We will build upon that knowledge in this microlearning and apply our expertise to the world of REST web services.

We need a support object to ensure that the proper certificates are sent along with the call to the REST web service. Support objects are components in eMagiz that support the working of other elements. In this case, we need a REST Template as our support object.

3.1 REST Template

When you navigate to the Create phase, you can open an exit flow and see whether you already have an HTTP outbound component within your exit flow. If not, please add an HTTP outbound component (gateway or channel adapter) to the flow. In a previous microlearning, we focused on these components so that we won't focus on these components in this microlearning.

To ensure that specific authorization is added to this HTTP outbound component, we need to add the support object called REST Template to the flow:

After adding the support object to the canvas and giving it a name, you can open it by double-clicking on the component. eMagiz will show you the following pop-up:

As you can see here, you can select various authentication schemes. Those are discussed in other microlearnings. Today the focus will be on the Advanced tab on this screen.

In this case, we first have to select the type of request factory (ApacheHttpComponents). This will allow us to define the correct configuration. After we have chosen this option, you will notice that the options on the page change.

As you can see, most of the configuration is set to default values. These default values are correct in most cases. Only deviate from them with a good reason—the only thing left for us to define the proper truststore and Keystore, including password. As a best practice, we want to enter those values with the help of properties to alter them per environment.

Once you are satisfied, you can press Save.

3.2 Link REST Template to HTTP Outbound Component

Now that we have successfully configured the REST Template, the last thing we need to do is link the REST Template to the HTTP Outbound component in your flow. To do so, open the HTTP Outbound component by double-clicking on the component. After you have opened the component, you need to navigate to the advanced tab. On this tab, you can select a REST Template. Select the one we have just configured from the drop-down menu and press Save.

Now you have successfully linked the REST Template to the HTTP Outbound Gateway. If you ever want to validate whether a support object is linked to your component, click on it once. That way, eMagiz will show the selected element and all other parts that are linked to it.

4. Key takeaways

• eMagiz facilitates both sending and receiving data to/from external systems via REST web services.
• Two HTTP Outbound components are available:
  • Use the HTTP Outbound Gateway when a response is needed.
  • Use the HTTP Outbound Channel Adapter when no response is required.
• To perform these data interactions, eMagiz must be authorized to read from or write to the external service.
• Certificates are crucial for secure communication with REST web services, ensuring both trust and client identity verification.
• To use certificates with REST services in eMagiz:
  • Add a REST Template to your flow for managing certificate configurations.
  • Configure the REST Template with the correct Keystore and Truststore, and do not forget to link it to the HTTP Outbound component.

5. Suggested Additional Readings

If you are interested in this topic and want more information, please read the help text provided by eMagiz and read the following links:

• Novice Level (Menu)
  • Securing Data Traffic (Navigation)
    • What are certificates (Explanation)
    • Sending certificates to a webservice (Explanation)
• Sending certificates to a REST web service (Search Results)