webMethods Integration Cloud tutorial
Summary
Two-way SSL authentication, also referred to as client or mutual authentication or certificate-based authentication, refers to two parties authenticating each other by verifying the provided digital certificate, so that both the parties are assured of the other's Identity.
In this tutorial, we will create an integration in webMethods Integration Cloud, expose the integration over HTTP (exposing the integration over HTTP allows the integration to be executed from an outside environment), and then execute the integration using 2-way SSL authentication by using a REST Client (Postman). You can also use the same technique for SOAP APIs, REST APIs, or any other exposed APIs.
Actors
- Integration developers who develop and expose the integrations over HTTPS in Integration Cloud.
- Integration executors who runs integrations.
Before you begin
You must have the permissions to create and execute integrations in Integration Cloud under Settings > Access Profiles > Administrative Permissions > Functional Controls > Integrations.
Visual Model
Basic Flow
1. Log in to Integration Cloud.
2. Create an Integration (testApp) in Integration Cloud.
3. On the Integrations page, click the integration link, and on the integration Overview page, select the Enable Integration to be invoked over HTTP option.
4. Click Settings > Client Certificate.
5. Select the User. You can either upload a certificate to the user if there are any available CA-signed certificates, or you can generate and assign a certificate to the user.
Click Browse to upload a certificate if you want to use the user's own certificate or click Generate to generate and download the private and public key for the user. After downloading the file, copy the private key to a file and name it as {privateKeyFileName}.key and the public key to a file and name it as {publicKeyFileName}.crt.
Click Browse to upload a certificate if you want to use the user's own certificate or click Generate to generate and download the private and public key for the user. After downloading the file, copy the private key to a file and name it as {privateKeyFileName}.key and the public key to a file and name it as {publicKeyFileName}.crt.
6. Open the Postman REST client and click Settings > Certificates. Then click Add Certificate.
7. The Add Certificate page appears. Now configure the certificate and private key in Postman.
8. As shown in the following figure, specify the Host name and the port number as 8443. Specify the location of the key files, that is, the CRT file (certificate) and the KEY file (private key). Click Add to save the two-way SSL configuration.
9. Now open a new tab in Postman and add the request details you have obtained from Integration Cloud. The request details are available after you select the Enable Integration to be invoked over HTTP option.
10. To execute the Integration, configure a POST request in Postman as shown below and click Send. Change the port to 8443 of your service. URL is https://mydomain.webmethodscloud.com:8443/<Your service URL>.
Exceptions
The following errors may occur in the REST Client when there is a certificate mismatch between what is specified in Integration Cloud with what is sent from the REST Client.
- The server could not send a response.
- Self-signed SSL certificates are blocked.