Discussions
Categories
- 17.9K All Categories
- 3.4K Industry Applications
- 3.4K Intelligent Advisor
- 75 Insurance
- 537.7K On-Premises Infrastructure
- 138.7K Analytics Software
- 38.6K Application Development Software
- 6.1K Cloud Platform
- 109.6K Database Software
- 17.6K Enterprise Manager
- 8.8K Hardware
- 71.3K Infrastructure Software
- 105.4K Integration
- 41.6K Security Software
2-way SSL on JCS-SaaS Extension

Hi,
We are trying to invoke a 3rd party web service (from custom java code) which enforces client authentication (2-way SSL).
How do we configure JCS-SX to enable this? What I have done so far:
1) Obtained the PKCS12 certificate from the client.
2) Imported the PKCS12 file in a new JKS keystore:
keytool -genkey -alias mycertificate -keyalg RSA -keysize 2048 -keystore mykeystore
keytool -delete -alias mycertificate -keystore mykeystore
keytool -v -importkeystore -srckeystore Currency-Importer.pfx -srcstoretype PKCS12 -destkeystore mykeystore -deststoretype JKS
Import was successful.
3) Tried to add the JKS to JCS-SX using the command below:
\javacloud-sdk>javacloud -dc us2 -p <password> -add-ssl-private-key -path mykeystore -alias mykey -debug true
The above command fails with
[ERROR] - javax.ws.rs.WebApplicationException: java.lang.IllegalArgumentException:
Missing body part entity of type 'application/octet-stream'
|
+----> Caused By : java.lang.IllegalArgumentException: Missing body part
entity of type 'application/octet-stream'
|
+-------> Caused By : Missing body part entity of type 'application/
octet-stream'
I could not find any documentation on how to use -add-ssl-private-key command. The reason I'm trying to add this is because I need to set the property 'ssl.twoway.client.enabled' to the alias of the private key.
Can someone please suggest how do I configure a client authentication on JCS-SaaS extension?
Answers
-
We were able to make this work. The steps are the same, however, there was some issue with importing the PKCS file in JKS using keytool. We used KeyExplorer to create a JKS file and import the PKCS file in it, and then add the JKS file to private keys.
We also updated the config 'ssl.twoway.client.alias' to point to the private key alias (created above) and then restarted the server.