WSO2 IntegrationStudio 8.2.0 需要 SSL 的终端点

huangapple go评论71阅读模式
英文:

WSO2 IntegrationStudio 8.2.0 Endpoint requiring SSL

问题

我有一个只能通过SSL验证访问的端点。例如,要通过Google Chrome访问它,我已安装了xxxx.p12证书。在其他实现中,比如Python,我可以通过在请求中明确指定证书部分来访问端点,即:

import requests

response = requests.get(request_URL, data=data, headers=self.headers, cert=(self.cert_prod, self.key_prod), verify=False)

其中self.cert_prod和self.key_prod是通过引用两个文件进行初始化的:

  • self.cert_prod = 'SSLCerts/xxxx.crt'(从openssl pkcs12 -in xxxx.p12 -out xxxx.crt -nodes -nokeys获取)
  • self.key_prod = 'SSLCerts/xxxx.key'(从openssl pkcs12 -in xxxx.p12 -out xxxx.key -nodes -nocerts获取)

我的意图是在WSO2 Micro Integrator中实现一个API调用,经过一些中介后,最终调用request_url(需要SSL)。我期望有一种方法可以在以下语句中引用证书(xxxx.p12或xxxx.crt/xxxx.key):

<endpoint>
    <http method="post" uritemplate="request_url">
    .....
    </http>
  .....
</endpoint>

但我无法找到适用的示例。有什么建议吗?

英文:

I've an endpoint which can be reached only through SSL validation. E.g. to reach it by Google Chrome, I've installed xxxx.p12 certificate. On other implementations, such as python, I can reach the endpoint by expliciting the cert part in the request, i.e.:

import requests

response = requests.get(request_URL, data=data, headers=self.headers, cert=(self.cert_prod,self.key_prod), verify=False)

where self.cert_prod and self.key_prod are initialised by referencing the two files:

  • self.cert_prod = 'SSLCerts/xxxx.crt' (got from openssl pkcs12 -in xxxx.p12 -out xxxx.crt -nodes -nokeys)
  • self.key_prod = 'SSLCerts/xxxx.key' (got from openssl pkcs12 -in xxxx.p12 -out xxxx.key -nodes -nocerts)

My intent is to implement an API call in wso2 Micro Integrator which, after some mediations, ultimately calls the request_url (requiring SSL). I'd expect there's a way to refer the certificates (xxxx.p12 or xxxx.crt/xxxx.key) in within the

&lt;endpoint&gt;
    &lt;http method=&quot;post&quot; uritemplate=&quot;request_url&quot;&gt;
    .....
    &lt;/http&gt;
  .....
&lt;/endpoint&gt;

statement. But I wasn't able to find applicable examples. Any suggestion?

答案1

得分: 1

我相信您试图实现的是双向SSL验证,您可以使用WSO2中的动态SSL配置文件来实现这一目标。请查看此文档

这个链接也可能对您有帮助,但只需阅读以理解概念和配置。这篇文章是针对较旧版本的WSO2编写的。

英文:

I believe what you are trying to achieve is Mutual SSL or two-way SSL verification. You can accomplish this with Dynamic SSL profiled in WSO2. Take a look at this document.

This may also come in handy, but just read this to understand the concept and configs. This is written for an older version of WSO2.

huangapple
  • 本文由 发表于 2023年5月11日 17:41:58
  • 转载请务必保留本文链接:https://go.coder-hub.com/76226240.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定