One Way SSL for MuleSoft Application | API Security

แชร์
ฝัง
  • เผยแพร่เมื่อ 28 ธ.ค. 2024

ความคิดเห็น • 60

  • @leeksdry
    @leeksdry 3 หลายเดือนก่อน

    Great video, explains the keystore and truststore in easy to understand example, thanks.

  • @NidhiSharma-sq8oy
    @NidhiSharma-sq8oy 4 ปีที่แล้ว +4

    You make life so easy with these bful videos,,, I have not seen any simpler video on SSL than this,,, Thanks Jitendra,,,,,

  • @user-DinuSru
    @user-DinuSru 4 ปีที่แล้ว +5

    Great Explanation...Guys, I swear if you are looking out for any knowledge on one way SSL ..This is by far the best video I have ever come across. watch it and you know why I said its best. Thank you Jitendra

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว +1

      Dinesh Kumar Thank You 😊 for great comment.

    • @user-DinuSru
      @user-DinuSru 4 ปีที่แล้ว +1

      @@muletechnologyacademy-zero5625 it's my pleasure. I gained good knowledge

  • @borna430
    @borna430 3 ปีที่แล้ว +2

    Great tutorial on this. For 3 days I was trying to figure out why I was getting SSL error and your video fixed my issues. Thanks a lot

  • @jimkyriacou4038
    @jimkyriacou4038 4 ปีที่แล้ว +1

    Jitendra....you've done it again! thanks so much for these great videos that help me along my learning journey!

  • @snehak9176
    @snehak9176 4 ปีที่แล้ว +1

    Very useful video!!!! Thank you Jitendra

  • @gokulprasath-ur1qy
    @gokulprasath-ur1qy 6 หลายเดือนก่อน

    Great Video

  • @SoumojitSaha95
    @SoumojitSaha95 4 ปีที่แล้ว +1

    Thank you Jitendra for the explanation.

  • @adityav155
    @adityav155 4 ปีที่แล้ว +1

    Thanks for the video Jitendra but neither you or anyone mentioned those commands in the comment section

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว

      aditya v I can see commands in comment section

    • @adityav155
      @adityav155 4 ปีที่แล้ว

      @@muletechnologyacademy-zero5625 will this work in mule 3.9 runtime. I have done the same and its getting deployed but after hitting the url its saying Error sending HTTP request to localhost:8082/test.

  • @joydeep79paul
    @joydeep79paul 4 ปีที่แล้ว +1

    Excellent video @Jitendra bafna
    Can you please share these commands...i am not able to see in this comments section.

  • @SuperVinaykumar1986
    @SuperVinaykumar1986 4 ปีที่แล้ว

    Great bro.. please do I video on security filter and authorisation filter. Thanks

  • @ManojH-r5n
    @ManojH-r5n ปีที่แล้ว

    For every request, client verifies particular server certificates every time, or this is required for first time to establish secure connection.

  • @mathiasschroeder3522
    @mathiasschroeder3522 3 ปีที่แล้ว +1

    Nice work. Thanks!

  • @AnoopRamachandranKaruthethil
    @AnoopRamachandranKaruthethil 3 ปีที่แล้ว +1

    Hi JB.. Thanks for taking time to provide this great explanation. Can you able to share the contents in Two-WaySSL text document to try it out ourself. Thanks much.

  • @bharathnageti4833
    @bharathnageti4833 3 ปีที่แล้ว +1

    HI Jitendra. I am getting Invalid keystore format.

  • @riderblack6401
    @riderblack6401 3 ปีที่แล้ว +1

    Thank you!

  • @anilbanepalli5271
    @anilbanepalli5271 3 ปีที่แล้ว +1

    Thanks bro..

  • @bharathkumarpartal2495
    @bharathkumarpartal2495 4 ปีที่แล้ว +1

    HI Jitendra,
    What if we deploy this application in cloudhub? Do we need to keep these jks files under resources itself?
    or we need to follow some shared location so that any other API's also can make use of the same JKS file if required.
    Thanks,
    Bharath

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว +1

      Bharath Kumar Partal yes. Just export and deploy cloudhub. Keep file in resources folder only

    • @bharathkumarpartal2495
      @bharathkumarpartal2495 4 ปีที่แล้ว

      @@muletechnologyacademy-zero5625 sure thank you so much

    • @subhra07
      @subhra07 4 ปีที่แล้ว

      Hello Bharath, you can also keep them in common location so that other apps can share. E.g. we usually use security folder inside jdk installation directory as truststore. Then from mule app you can just refer to that location. If you keep the jks inside resources, it will be visible only to that particular app. Hope this helps.

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว +1

      @@subhra07 There is no concept of common location when you deploy application to cloudhub. You need to have seperate truststore and keystore for every application deployed in cloudhub. For on premise you can use domain project or common location to keep your keystore and truststore which can be shared across application.

    • @subhra07
      @subhra07 4 ปีที่แล้ว +1

      @@muletechnologyacademy-zero5625 Agree. Common location for truststore/keystore is applicable for on prem/hybrid environment.

  • @mangogirl4008
    @mangogirl4008 4 ปีที่แล้ว +1

    Great , thanks

  • @santhoshkumar-wc7iv
    @santhoshkumar-wc7iv 4 ปีที่แล้ว

    Hi Jitendra when I use host as 0.0.0.0 in requester configuration its not working and getting general SSL engine problem, can you just tell what is the procedure to follow for the host if it is 0.0.0.0

  • @iam00ab
    @iam00ab ปีที่แล้ว

    I need to test with a system which doesnt support self-signed certificate. how do i get certificate by CA for development. Any free sites which i can use

  • @hrishikeshkamble7223
    @hrishikeshkamble7223 4 ปีที่แล้ว

    A question:
    While requesting the endpoint in second case, u used TLS config - edit inline , added trust store n send the request which gave u the response back; would I get the response if I select TLS config edit inline , check insecure algorithm n do not put the trust store??

    • @nimmalapraveen9353
      @nimmalapraveen9353 4 ปีที่แล้ว +1

      Yes, you will get response .But setting the 'insecure' property to 'true' renders connections vulnerable to attacks. Its use is only recommended for prototyping and testing purposes.

    • @hrishikeshkamble7223
      @hrishikeshkamble7223 4 ปีที่แล้ว

      @@nimmalapraveen9353 yeah see your point 👍..thanks for this!

  • @vivekravi5922
    @vivekravi5922 4 ปีที่แล้ว +2

    Hi Jitendra, could you please share the Keystool comments.Thanks in Advance.

  • @muletechnologyacademy-zero5625
    @muletechnologyacademy-zero5625  4 ปีที่แล้ว

    dzone.com/articles/implementing-one-way-and-two-way-ssl-mutual-authen

  • @lokeshtalluri8432
    @lokeshtalluri8432 4 ปีที่แล้ว

    Hi Jitendra, I followed same steps but it isn't working for me, still getting SSL engine error. I am using open jdk 8, could that be an issue??

    • @lokeshtalluri8432
      @lokeshtalluri8432 4 ปีที่แล้ว +1

      Hi Jitendra, If I skip prompts like organization name, country, province then that keystore and truststore are working, but If I give some dummy values it's failing. Looks like jks is smart enough to identify dummy values, is that correct??

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว

      Yes. Please provide name as localhost. Then it will work otherwise you will get ssl error

  • @janak192
    @janak192 4 ปีที่แล้ว +1

    can we give different password for generating server-keystore and client-trust-store ?

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว

      Yes you can have different password. Make sure while configuring tls on http listener or requestor, you give correct password.

  • @rajasekhar2007
    @rajasekhar2007 4 ปีที่แล้ว

    Hi Jitendra
    HTTPS connection is taking very long time to respond, I am always getting connecting time out exceeds even though time out increased.

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว

      Https will never take that much time. Please make sure 443 is not blocked on your machine. Generally 443 is always enabled.

  • @asishdas7824
    @asishdas7824 4 ปีที่แล้ว

    I am still getting same error : failed: General SSLEngine problem.

  • @muletechnologyacademy-zero5625
    @muletechnologyacademy-zero5625  4 ปีที่แล้ว +1

    Generate Server Keystore
    keytool -genkey -alias mule-server -keyalg RSA -keystore server-keystore.jks
    Extract Public Key from Server Keystore
    keytool -export -alias mule-server -keystore server-keystore.jks -file server_trust.crt
    Generate Client Truststore
    keytool -import -alias mule-server -keystore client-truststore.jks -file server_trust.crt

  • @niranjankoduru1
    @niranjankoduru1 4 ปีที่แล้ว

    I followed the same but i am getting same Genearal SSLEngine problem.

    • @muletechnologyacademy-zero5625
      @muletechnologyacademy-zero5625  4 ปีที่แล้ว +1

      Make sure while creating certificate firstname and lastnane must be localhost

    • @niranjankoduru1
      @niranjankoduru1 4 ปีที่แล้ว +1

      @@muletechnologyacademy-zero5625 Tq Sir Now it is working fine.