Wiki source code of Sending certificates to a webservice
Last modified by Erik Bakker on 2024/08/26 12:58
Hide last authors
| author | version | line-number | content |
|---|---|---|---|
 |
1.1 | 1 | {{container}}{{container layoutStyle="columns"}}((( |
| |
7.1 | 2 | In this microlearning, we’ll focus on how to send a client certificate to a SOAP web service and how to configure eMagiz to trust these certificates. Certificates are essential for verifying identities and ensuring secure communication. We’ll guide you through the steps needed to properly set up your keystore and truststore, link them to your flow, and use them for secure SOAP web service calls. By the end, you'll know how to configure these settings in eMagiz to establish trust and secure your data exchanges. |
| |
1.1 | 3 | |
| 4 | Should you have any questions, please contact academy@emagiz.com. | ||
| 5 | |||
| |
2.1 | 6 | == 1. Prerequisites == |
| |
1.1 | 7 | * Basic knowledge of the eMagiz platform |
| |
3.1 | 8 | * Basic Understanding of certificates |
| 9 | * Valid Keystore (and Truststore) | ||
| |
1.1 | 10 | |
| |
2.1 | 11 | == 2. Key concepts == |
| |
3.1 | 12 | This microlearning centers around learning how to send a client certificate (and potentially trust a client certificate). |
| |
1.1 | 13 | |
| 14 | By certificates we mean: A trustworthy document that is interchanged between parties to verify that both parties are who they claim to be | ||
| 15 | |||
| |
3.1 | 16 | In most cases when you send a certificate to a web service we talk about sending a client certificate along with the web service call. |
| 17 | In some cases however the endpoint we call is not secured via a certificate chain containing a CA. In those cases, we need to explicitly trust the party to whom we are sending data by placing data in the truststore. | ||
| |
1.1 | 18 | |
| |
3.1 | 19 | In another microlearning, we will learn how to create the keystore and truststore. The focal point of this microlearning is how you need to configure eMagiz correctly to make this work. |
| |
1.1 | 20 | |
| |
3.1 | 21 | == 3. Sending certificates to a webservice |
| |
1.1 | 22 | |
| |
3.1 | 23 | In this microlearning, we will learn how you can send a certificate to a SOAP web service. |
| |
1.1 | 24 | |
| |
3.1 | 25 | In most cases when you send a certificate to a web service we talk about sending a client certificate along with the web service call. |
| 26 | In some cases however the endpoint we call is not secured via a certificate chain containing a CA. In those cases, we need to explicitly trust the party to whom we are sending data by placing data in the truststore. | ||
| |
1.1 | 27 | |
| |
3.1 | 28 | In the remainder of this section, we will step by step navigate you through the required steps that are needed to ensure that the keystore and truststore are properly linked to the flow and the component that is executing the SOAP web service call. The journey starts in the Create phase of eMagiz. |
| |
1.1 | 29 | |
| |
3.1 | 30 | The first step is to open the flow in which you want to call a SOAP web service. Within the flow enter "Start Editing" mode. The first component you should check for is whether the flow you have just opened already has a web service outbound gateway. This component should be at the end of your flow. |
| |
1.1 | 31 | |
| |
3.1 | 32 | After you have confirmed that such a component is indeed available in your flow please navigate to the Resources tab in the flow. In this tab, you see all Resources that are linked to the flow. For this exercise, we need to upload the key* and truststore via the button Upload New Resource. As a result, the resources overview should look similar as follows: |
| |
1.1 | 33 | |
| |
3.1 | 34 | [[image:Main.Images.Microlearning.WebHome@novice-securing-your-data-traffic-sending-certificates-to-a-webservice--resource-overview.png]] |
| |
1.1 | 35 | |
| |
3.1 | 36 | Now that we have uploaded the correct resources we need to download them again. The reason why we need to download them again is that eMagiz gives every document a unique name by adding a prefix to the name. This prefix is crucial to have as you need to use it to refer to the correct resource later on. |
| |
1.1 | 37 | |
| |
3.1 | 38 | The next step is to move back to the flow and add the support object called SSL web service message sender. Give the component a name and open it. Subsequently fill in the required fields (keystore path, keystore password, truststore path, truststore password). |
| |
1.1 | 39 | |
| |
3.1 | 40 | [[image:Main.Images.Microlearning.WebHome@novice-securing-your-data-traffic-sending-certificates-to-a-webservice--ssl-web-service-message-sender-filled-in.png]] |
| |
1.1 | 41 | |
| |
3.1 | 42 | Note: In case of update validate whether the alias field on the Advanced tab is used. If so verify if the alias still corresponds with what is registered in the keystore. |
| |
1.1 | 43 | |
| |
3.1 | 44 | When you are happy with your configuration close the pop-up and open the web service outbound component. Navigate to the advanced tab in this component and link the SSL web service message sender component to this functional component. |
| |
1.1 | 45 | |
| |
3.1 | 46 | This concludes the configuration of the flow. Press "Stop Editing" and create a new version of the flow. The only task remaining is to create properties (per environment) that refer to the paths and the password. The paths should be noted as: “resources/[filename of the key* or truststore]”. The password property should simply refer to the password. |
| |
1.1 | 47 | |
| |
5.1 | 48 | == 4. Key takeaways == |
| |
1.1 | 49 | |
| 50 | * Certificates are all about trust | ||
| |
3.1 | 51 | * With the help of the SSL web service message sender you can use certificates when calling a SOAP web service |
| 52 | * Always remember that eMagiz uses prefixes to make resources unique | ||
| |
1.1 | 53 | |
| |
5.1 | 54 | == 5. Suggested Additional Readings == |
| |
1.1 | 55 | |
| |
6.1 | 56 | * [[Novice (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Novice.WebHome||target="blank"]] |
| 57 | ** [[Securing Data Traffic (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.Securing Data Traffic.WebHome||target="blank"]] | ||
| 58 | *** [[What are certificates (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.Securing Data Traffic.novice-securing-your-data-traffic-what-are-certificates.WebHome||target="blank"]] | ||
| 59 | * [[Intermediate (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.WebHome||target="blank"]] | ||
| 60 | ** [[eMagiz Cloud Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.eMagiz Cloud Management.WebHome||target="blank"]] | ||
| 61 | *** [[Certificates (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.eMagiz Cloud Management.intermediate-emagiz-cloud-management-certificates||target="blank"]] | ||
| 62 | ** [[REST Connectivity (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.REST Connectivity.WebHome||target="blank"]] | ||
| 63 | *** [[Sending certificates to a REST web service (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.REST Connectivity.intermediate-rest-webservice-connectivity-certificates-when-calling-a-rest-webservice||target="blank"]] | ||
| 64 | * [[RCA Knowledge Base (Menu)>>doc:Main.eMagiz Support.RCA Knowledge Base.WebHome||target="blank"]] | ||
| 65 | ** [[Runtime Issues (Navigation)>>doc:Main.eMagiz Support.RCA Knowledge Base.rca-knowledgebase-runtime-issues.WebHome||target="blank"]] | ||
| 66 | *** [[Expiring Certificates (Explanation)>>doc:Main.eMagiz Support.RCA Knowledge Base.rca-knowledgebase-runtime-issues.rca-knowledgebase-expiring-certificates.WebHome||target="blank"]] | ||
| |
8.1 | 67 | * [[Certificate (Search Result)>>url:https://docs.emagiz.com/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_space_facet=0%2FMain.&f_type=DOCUMENT&f_locale=en&f_locale=&f_locale=en&text=%22certificate%22||target="blank"]] |
| |
1.1 | 68 | |
| 69 | )))((({{toc/}}))){{/container}}{{/container}} |