英文:
WSO2 IntegrationStudio 8.2.0 Endpoint requiring SSL
问题
我有一个只能通过SSL验证访问的端点。例如,要通过Google Chrome访问它,我已安装了xxxx.p12证书。在其他实现中,比如Python,我可以通过在请求中明确指定证书部分来访问端点,即:
import requests
response = requests.get(request_URL, data=data, headers=self.headers, cert=(self.cert_prod, self.key_prod), verify=False)
其中self.cert_prod和self.key_prod是通过引用两个文件进行初始化的:
- self.cert_prod = 'SSLCerts/xxxx.crt'(从openssl pkcs12 -in xxxx.p12 -out xxxx.crt -nodes -nokeys获取)
- self.key_prod = 'SSLCerts/xxxx.key'(从openssl pkcs12 -in xxxx.p12 -out xxxx.key -nodes -nocerts获取)
我的意图是在WSO2 Micro Integrator中实现一个API调用,经过一些中介后,最终调用request_url(需要SSL)。我期望有一种方法可以在以下语句中引用证书(xxxx.p12或xxxx.crt/xxxx.key):
<endpoint>
<http method="post" uritemplate="request_url">
.....
</http>
.....
</endpoint>
但我无法找到适用的示例。有什么建议吗?
英文:
I've an endpoint which can be reached only through SSL validation. E.g. to reach it by Google Chrome, I've installed xxxx.p12 certificate. On other implementations, such as python, I can reach the endpoint by expliciting the cert part in the request, i.e.:
import requests
response = requests.get(request_URL, data=data, headers=self.headers, cert=(self.cert_prod,self.key_prod), verify=False)
where self.cert_prod and self.key_prod are initialised by referencing the two files:
- self.cert_prod = 'SSLCerts/xxxx.crt' (got from openssl pkcs12 -in xxxx.p12 -out xxxx.crt -nodes -nokeys)
- self.key_prod = 'SSLCerts/xxxx.key' (got from openssl pkcs12 -in xxxx.p12 -out xxxx.key -nodes -nocerts)
My intent is to implement an API call in wso2 Micro Integrator which, after some mediations, ultimately calls the request_url (requiring SSL). I'd expect there's a way to refer the certificates (xxxx.p12 or xxxx.crt/xxxx.key) in within the
<endpoint>
<http method="post" uritemplate="request_url">
.....
</http>
.....
</endpoint>
statement. But I wasn't able to find applicable examples. Any suggestion?
答案1
得分: 1
我相信您试图实现的是双向SSL验证,您可以使用WSO2中的动态SSL配置文件来实现这一目标。请查看此文档。
这个链接也可能对您有帮助,但只需阅读以理解概念和配置。这篇文章是针对较旧版本的WSO2编写的。
英文:
I believe what you are trying to achieve is Mutual SSL or two-way SSL verification. You can accomplish this with Dynamic SSL profiled in WSO2. Take a look at this document.
This may also come in handy, but just read this to understand the concept and configs. This is written for an older version of WSO2.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论