Is it possible to configure an SSL configuration per endpoint?
It appears that the WSO2 ESB supports a single SSL configuration (key-store/trust-store) for the HTTPS transport sender that is registered in the axis2.xml file. Is it possible to have multiple SSL configurations at the endpoint or proxy level? The scenario that we need to support is that all the web services that the ESB will proxy will only be accessible over HTTPS and will all require HTTPS with mutual authentication (a.k.a. client certs) as the authentication mechanism. Each endpoint may require a different client cert, so the ESB must be able to present multiple identities. Is that possible / supported?
Bookmark/Search this post with:
- Login or register to post comments
- Printer friendly version
- 194 reads
Currently this is not there, Please create a JIRA for this
Currently this is not there. We only have a single identity key store. Therefore, if external services require Client authentication and also require different certificates types, we are unable to do it. Definitely this is an interest thing. SSL configuration has to be given per proxy services. Please create a JIRA for this.
Thanks
Indika
Use different stunnel instances
You can configure and use different stunnel instances and use each instance as an endpoint in the ESB.
Roger van Kanten
Unit 4 Agresso
Stunnel
Thanks for the stunnel reference. Looks interesting but it is not something we use in our environment currently.
JIRA
Create JIRA: https://wso2.org/jira/browse/ESBJAVA-558
Kevin I agree on the
Kevin
I agree on the validity of your requirement.. could you file a JIRA for this enhancement and we will work on getting this support included
asankha
JIRA
Created JIRA: https://wso2.org/jira/browse/ESBJAVA-558