Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Secure bus-enabled web services
Invoke outbound services over HTTPS
Use SSLs (SSL) to allow the service integration bus to invoke external web services that include https:// in their addresses.
There are two ways to set the bus to use SSL with SOAP over HTTPS messages:
- Configure SSL certificate and key management for a managed endpoint.
- Use a JAX-RPC handler to set the SSL configuration.
By default, each managed endpoint is already configured to use SSL. However you will have to modify the default configuration, for example to add information about the keys and keystores that the external web service uses.
Alternatively, you can use a JAX-RPC handler to set the SSL configuration. You might want to do this because you are upgrading from a previous version of WAS and the configuration is already set to work in this way, or because we have to target an SSL configuration very precisely; for example to secure each service or each invocation.
To configure SSL certificate and key management for a managed endpoint, see Create an SSL configuration.
To use a JAX-RPC handler to set the SSL configuration, complete the following steps:
Procedure
- Start the admin console.
- Create a new SSL repertoire configuration entry.
- Create a new JAX-RPC handler class that sets the property ssl.configName to a value that is the name of the SSL repertoire configuration that we have just created. For example:
public class SSLHandler extends GenericHandler { public QName[] getHeaders() { return null; } public boolean handleRequest(MessageContext mc) { // Insert SSL property mc.setProperty("ssl.configName", "myNode/SSLConfig"); return super.handleRequest(mc); } }
- Create a new JAX-RPC handler configuration for the handler.
- Create a new JAX-RPC handler list, then select the handler that sets the SSL configuration name property and add it to the handler list.
- Use the instructions given in Modify an existing outbound service configuration to navigate to the admin console page Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name , where service and port indicate the outbound port that is to use SSL.
- Set the JAX-RPC Handler list property by selecting, from the drop-down list, the handler list that sets the SSL configuration name property.
- Save your changes to the master configuration.
Related
Bus-enabled web services troubleshooting tips