Author |
Message
|
kunal07 |
Posted: Tue Jul 30, 2013 10:34 pm Post subject: SSL setup in HTTP Request Node for Linux Message Broker V8 |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
Hi All,
i know i am asking a bit silly question here, i saw most of the posted related to this topic in this forum. but i m still confused how to start configuring the SSL setup.
My Flow is like,
MQInput Node---->Compute Node---->HTTP Request Node----MQOutPut Node.
i have to send the Incoming message received my MQInputNode and Post it to Client using HTTP requst node. i have the URL which is https://...
so i have to configure SSL to use HTTPS request by message broker.
as my DEV Broker(v8.0.0.2) is in Linux environment, can any one tell me the steps how can do that, what are the things i have to keep in my mind.
 |
|
Back to top |
|
 |
kunal07 |
Posted: Wed Jul 31, 2013 2:41 am Post subject: |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
Please any help is really appreciated  |
|
Back to top |
|
 |
dogorsy |
Posted: Wed Jul 31, 2013 2:47 am Post subject: Re: SSL setup in HTTP Request Node for Linux Message Broker |
|
|
Knight
Joined: 13 Mar 2013 Posts: 553 Location: Home Office
|
kunal07 wrote: |
as my DEV Broker(v8.0.0.2) is in Linux environment, can any one tell me the steps how can do that, what are the things i have to keep in my mind.
 |
have you tried looking at the documentation? what does it say ? |
|
Back to top |
|
 |
Tibor |
Posted: Wed Jul 31, 2013 3:06 am Post subject: |
|
|
 Grand Master
Joined: 20 May 2001 Posts: 1033 Location: Hungary
|
|
Back to top |
|
 |
lancelotlinc |
Posted: Wed Jul 31, 2013 3:11 am Post subject: |
|
|
 Jedi Knight
Joined: 22 Mar 2010 Posts: 4941 Location: Bloomington, IL USA
|
|
Back to top |
|
 |
kunal07 |
Posted: Wed Jul 31, 2013 3:38 am Post subject: |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
Thanks Tibor for the links, i had seen them already.
i am follwoing the step from this link : http://www.ibm.com/developerworks/websphere/library/techarticles/1205_bhat/1205_bhat.html
so i have created the Keystore using below command,
keytool -genkey -alias MBDEV01 -keystore keystore.jks -keysize 2048
i am following the other steps as of now...
@lancelotlinc : i am using HTTP Request Node, i have the url for this , which is HTTPS so i have configure SSL.[/quote] |
|
Back to top |
|
 |
fatherjack |
Posted: Wed Jul 31, 2013 3:45 am Post subject: |
|
|
 Knight
Joined: 14 Apr 2010 Posts: 522 Location: Craggy Island
|
As has been discussed previously in this forum you don't necessarily have to go through all the steps in the Infocenter doc. There is a built in truststore that contains lots of well known CA certs. In the absence of your own truststore WMB uses this by default.
So you might get away with just specifying the https url in the http request node. Try it and see what happens befor you go building your PKI infrastructure.
Of course you'll probably hit some network issues that prevent your request getting out (I'm making the assumption that the target is outside your network) _________________ Never let the facts get in the way of a good theory. |
|
Back to top |
|
 |
kunal07 |
Posted: Wed Jul 31, 2013 4:02 am Post subject: |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
thanks fatherjack for the below info,
can you also tell how to get use built in truststore that contains lots of well known CA certs  |
|
Back to top |
|
 |
ganesh |
Posted: Wed Jul 31, 2013 4:37 am Post subject: |
|
|
Master
Joined: 18 Jul 2010 Posts: 294
|
If you have a wsdl use a SOAP node instead of HTTP node. |
|
Back to top |
|
 |
kunal07 |
Posted: Wed Jul 31, 2013 4:57 am Post subject: |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
i do not have a wsdl file with me.
i have to use HTTP request node for posting the incoming messages into the URL provided by client. |
|
Back to top |
|
 |
fatherjack |
Posted: Wed Jul 31, 2013 6:18 am Post subject: |
|
|
 Knight
Joined: 14 Apr 2010 Posts: 522 Location: Craggy Island
|
kunal07 wrote: |
can you also tell how to get use built in truststore that contains lots of well known CA certs |
Not sure what you're asking here? _________________ Never let the facts get in the way of a good theory. |
|
Back to top |
|
 |
lancelotlinc |
Posted: Wed Jul 31, 2013 6:49 am Post subject: |
|
|
 Jedi Knight
Joined: 22 Mar 2010 Posts: 4941 Location: Bloomington, IL USA
|
kunal07 wrote: |
i do not have a wsdl file with me.
i have to use HTTP request node for posting the incoming messages into the URL provided by client. |
Are you calling a SOAP-based Web Service ? If so, execute the query WSDL function against the URL. _________________ http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
Back to top |
|
 |
kunal07 |
Posted: Sun Aug 04, 2013 9:04 pm Post subject: |
|
|
Acolyte
Joined: 05 Dec 2012 Posts: 72
|
Hi , i got some update on this as, client doest not use KeyStore and certificate signing request (CSR) for Server Authentication.
Client use shared secret Authentication, so In Broker i still have to use Keystore or how can i make connection to Client url(https://...)
Plz help  |
|
Back to top |
|
 |
dogorsy |
Posted: Mon Aug 05, 2013 1:43 am Post subject: |
|
|
Knight
Joined: 13 Mar 2013 Posts: 553 Location: Home Office
|
kunal07 wrote: |
Hi , i got some update on this as, client doest not use KeyStore and certificate signing request (CSR) for Server Authentication.
Client use shared secret Authentication, so In Broker i still have to use Keystore or how can i make connection to Client url(https://...)
Plz help  |
I think you need to work out who is the client and who is the server in your case before posting anything you are told. |
|
Back to top |
|
 |
lancelotlinc |
Posted: Mon Aug 05, 2013 3:25 am Post subject: |
|
|
 Jedi Knight
Joined: 22 Mar 2010 Posts: 4941 Location: Bloomington, IL USA
|
dogorsy wrote: |
kunal07 wrote: |
Hi , i got some update on this as, client doest not use KeyStore and certificate signing request (CSR) for Server Authentication.
Client use shared secret Authentication, so In Broker i still have to use Keystore or how can i make connection to Client url(https://...)
Plz help  |
I think you need to work out who is the client and who is the server in your case before posting anything you are told. |
If you are not clear on what the real requirement is, how is it we will know? _________________ http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
Back to top |
|
 |
|