How to authenticate BPEL process to a PL with Client SSL Cerificate
515820Feb 29 2008 — edited Mar 20 2009Hi,
I need to invoke a partner link which requires authentication with Client SSL certificate. So, here is the use case:
- The PL's endpoint is https://some.server.com/web_service;
- I have a client SSL certificate supplied by the web service provider in the form of PKCS12 (PFX) file. I should use this certificate for authentication.
I read carefully the BPEL Administration Guide, the part about SSL authentication (http://download.oracle.com/docs/cd/B31017_01/integrate.1013/b28982/security.htm#CHDHIBEG), but in this guide is described how outer services can be authenticated by the BPEL Process Manager with client SSL certificates, not the vice versa.
So, I completed the following tasks:
- I imported the server certificate of https://some.server.com/web_service into $ORACLE_HOME/jdk/jre/lib/security/cacerts file;
- since I didn't find a way to import the client certificate as a PFX file, I converted it PEM file, using OpenSSL utilities and manage to import in cacerts client certificate's public key, but not the private key. Of course this didn't help me in any way to get authenticated.
I would appreciate any help on this topic!
Thank you!
Simeon