Introduction
This article explains how the inbound transaction can be authenticated using 2 way SSL mechanism.
Audience
It is assumed that readers of this article know how to setup B2B enterprise profile and partner on webMethods.io B2B platform.
Prerequisites
- Set up B2B enterprise profile, partner profile, Business Document
- Working inbound transaction in B2B platform
Topics Covered
- What is 2-way SSL?
- Generating certificates for 2-way SSL
- Configure the certificates at partner profile
- Invoking the transaction using postman client
Use Case:
- We will implement the 2-way SSL authentication mechanism for inbound transaction.
- When the request is submitted by client along with certificates, request will get authenticated with public certificate available on partner profile.
- Post authentication request can be seen on monitor tab.
What is 2 way SSL authentication?
- In two-way SSL authentication, the client application verifies the identity of the server application, and then the server application verifies the identity of the client application. Both parties share their public certificates, and then validation is performed. Two-way SSL authentication works with a mutual handshake by exchanging the certificates.
Generate the 2-way SSL certificates
- Navigate to the partner profile for which you want to implement the inbound transaction.
- In our case it will be Reliance partner
- Navigate to the certificate tab
- Click on Add partner certificate → 2 way SSL/TLS
- We can either generate the certificate or upload the certificate.
Configure the certificates at partner profile
Case1: Upload the certificate
- In case of upload, provide the certificate in .der.cer format
- Provide the common name for the certificate and then click on save
Case2 : Generate the certificate
- Select the generate option
- You will notice the mandatory field like common name is auto populated.
- Click on save
- Once you click on save the pfx file get downloaded which contains the public key and private key.
- Please note once the file is downloaded, certificate private key won’t be available on the portal.
- You can download the public key as many as times as you want but Incase if the private key is misplaced, we need to again generate the certificates.
Endpoints for 2-way SSL
- In B2B to have connectivity using 2 way SSL request needs to be hit on specific port.
- B2B product exposes the 8443 port and this port is responsible for handling all the 2-way SSL request For example
Inbound URL :
https://tenanatName.int-aws-us.webmethods.io/b2b/routes/channel/
Inbound URL for 2 way SSL:
https://tenanatName.int-aws-us.webmethods.io:8443/b2b/routes/channel/
Invoking the transaction using postman client
Navigate to the postman client
Click on settings–> Certificates
Provide the hostname: .int-aws-us.webmethods.io
Port: 8443
Either provide the certificate and key or provide the pfx file
Provide the password, in our case by default certificate generated from B2B have password “ changeit ”
In our case we will provide the .pfx file which we generated from B2B portal
Click Add
Provide the username and password under the basic authentication.
Trigger the request.
Note: Even though we are using 2 way ssl certificate for authentication but we still need to pass the credentials for authentication to happen at channel level.
Top comments (0)