Invoking outbound services over HTTPS
Use Secure Sockets Layers (SSL) to allow the service integration bus to invoke external web services that include https:// in their addresses.
There are two ways to set the bus to use SSL with SOAP over HTTPS messages:
- Configure SSL certificate and key management for a managed endpoint.
- Use a JAX-RPC handler to set the SSL configuration.
By default, each managed endpoint is already configured to use SSL. However you will have to modify the default configuration, for example to add information about the keys and keystores that the external web service uses.
Alternatively, we can use a JAX-RPC handler to set the SSL configuration. We might want to do this because you are upgrading from a previous version of WAS and the configuration is already set to work in this way, or because we have to target an SSL configuration very precisely; for example to secure each service or each invocation.
To configure SSL certificate and key management for a managed endpoint, see Create a Secure Sockets Layer configuration.
To use a JAX-RPC handler to set the SSL configuration...
- Start the console.
- Create a new Secure Sockets Layer repertoire configuration entry.
- Create a new JAX-RPC handler class that sets the property ssl.configName to a value that is the name of the SSL repertoire configuration that we have just created. For example:
public class SSLHandler extends GenericHandler { public QName[] getHeaders() { return null; } public boolean handleRequest(MessageContext mc) { // Insert SSL property mc.setProperty("ssl.configName", "myNode/SSLConfig"); return super.handleRequest(mc); } }
- Create a new JAX-RPC handler configuration for the handler.
- Create a new JAX-RPC handler list, then select the handler that sets the SSL configuration name property and add it to the handler list.
- Use the instructions given in Modify an existing outbound service configuration to navigate to the console page Service integration -> Buses -> bus_name -> [Services] Outbound Services -> service_name -> Outbound Ports -> port_name, where service and port indicate the outbound port that is to use SSL.
- Set the JAX-RPC Handler list property by selecting, from the drop-down list, the handler list that sets the SSL configuration name property.
- Save the changes to the master configuration.
Related
Bus-enabled web services troubleshooting tips
Related information:
Overriding the default security configuration between bus-enabled web services and a secure bus Configure secure transmission of SOAP messages by using WS-Security Work with password-protected components