Creating SOAP Service with SSL

In this post I am going to explain you how to create simple SOAP service in tibco business work with SSL configuration.

Before going into details I am assuming that you have basic knowledge of SOAP wsdl terminologies.

Let’s start with Step by Step approach.

Step 1: Creating simple input Schema of Employee that has EmployeeID as String

tibco ssl

Step 2: Creating simple output Schema of Employee that has EmployeeName, Department, and Designation as xml elements.

tibco ssl

Step 3: Create Abstract WSDL

For creating abstract wsdl follow following steps

1. Right click on designer Add Recource->wsdl->wsdl

tibco ssl

2. Double click the wsdl and then add resource Message as shown in below figure

tibco ssl

3. Create 2 messages one Request and other Response and configure message with schema already created in above step

tibco ssl

4. Create operation by right clicking Add Resource->wsdl->porttype.

tibco ssl

5. Create the input and output Message by selection wsdl RequestMessage and ResponseMessage.

tibco ssl

Now I am going to create Self sign Certificate that will be used in SSL configuration of HTTP connection. For creating self-sign certificate I am using java key tools which is located under Tibco home jre

C:\TibcoHome\tibcojre64\1.7.0\bin

To generate a key file with both Public and Private keys; use following command:

keytool -genkey -keyalg RSA -alias test_certificate -keystore keystore.jks -storepass tibco@test-validity 360 -keysize 2048

tibco ssl

  • Aliasis used to give a name to your key. It should be unique for its purpose.
  • keyalgis encryption algorithm type. Here it is RSA.
  • storepassis the password affiliated to the repository.
  • jksis name of the file which acts as repository keys.
  • validity specified as 360 means this certificate will remain valid for 360 days.

By running this command keystore.jks file generated at tibcohome/jre/version/bin/keystore.jks

tibco ssl

Now the next step is to extract the public key by using command

keytool -export -alias test_certificate -storepass tibco@test -file test_server.cer -keystore keystore.jks

tibco ssl tibco ssl

Now we have our Public key in certificate file (test_server.cer). We can give this certificate file to any client who wants to communicate with our server where we will have the key installed.

Install SSL Certificate Key on Server Side:

For installing certificate I am creating identity from general resource pallet and configure the identity as shown in below figure

tibco ssl

Now go to Httpconnection configuration click on ssl and give this identity resource in identity configuration.

tibco ssl

This completes our ssl configuration.

 

Next step is to create process that accept soap message over https. For this I am creating a simple process with soap event source.

tibco ssl

You can check the wsdl Source tab and see the endpoint url exposed for client

tibco ssl

Right click on wsdl source validate and save the wsdl.

tibco ssl

Add reply activity and configure as below

tibco ssl

Now import and Install the certificate on client using same java key tools

 keytool -import -v -trustcacerts -alias test_certificate -file test_server.cer -keystore my-cert.jks -keypass tibco@test -storepass tibco@test

tibco ssl

Now open Soap UI and add new project, provide wsdl file that you saved

tibco ssl tibco ssl