E-mail
|
Key
This line was removed.
This word was removed. This word was added.
This line was added.
|
Changes (3)
View Page History
...
This document contains all the use cases related to the Petals BC Gateway component. {tip}This use case runs with the Petals ESB Enterprise Pack 5.2.0. Its source code is available [here|https://svn.petalslink.org/svnroot/trunk/product/dev/prod/petals/petals-samples/petals-samples-gateway-soap-proxy].{tip}
The goal of this use-case is to show you how to configure the service units of BS SOAP and BC Gateway on two Petals ESB nodes to linked together create a SOAP proxy:
* to import into Petals ESB #2, an external service,
* to connect Petals ESB #1 and #2 with the Petals BC Gateway. The connection is secured using SSL,
* to export to outside an internal Petals service of the Petals ESB #1.
* to connect Petals ESB #1 and #2 with the Petals BC Gateway. The connection is secured using SSL,
* to export to outside an internal Petals service of the Petals ESB #1.
To secure the connection between both Petals ESBs, we rely on SSL that takes care of the actor certifications and the encryption:
* the provider domain is certified/authenticated at consumer domain level through the public part of the its certificate,
* and, the consumer domain is certified/authenticated at provider domain level through the public part of the its certificate.
* the provider domain is certified/authenticated at consumer domain level through the public part of the its certificate,
* and, the consumer domain is certified/authenticated at provider domain level through the public part of the its certificate.
!Overview.png!
...h3. Running the use case
h4. Generating certificates
h5. Generating the provider domain certificate
The provider domain certificate can be generated through specific keystore 'Provider Domain' containing the private/public key pair of the provider domain, as following command line:
{code}
keytool -genkey -alias provider-domain-key -keyalg RSA -keysize 2048 \
-dname "CN=Provider Domain, OU=Petals, O=Linagora, L=Grasse, ST=AM, C=FR" \
-storetype PKCS12 -storepass providerdomainpwd -keystore /tmp/provider-domain.pfx
keytool -exportcert -rfc -alias provider-domain-key \
-keystore /tmp/provider-domain.pfx -storepass providerdomainpwd \
-file /tmp/provider-domain-cert.pem
{code}
h5. Generating the consumer domain certificate
The consumer domain certificate can be generated through specific keystore 'Consumer Domain' containing the private/public key pair of the consumer domain, as following command line:
{code}
keytool -genkey -alias consumer-domain-key -keyalg RSA -keysize 2048 \
-dname "CN=Consumer Domain, OU=Petals, O=Linagora, L=Grasse, ST=AM, C=FR" \
-storetype PKCS12 -storepass consumerdomainpwd -keystore /tmp/consumer-domain.pfx
keytool -exportcert -rfc -alias consumer-domain-key \
-keystore /tmp/consumer-domain.pfx -storepass consumerdomainpwd \
-file /tmp/consumer-domain-cert.pem
{code}
h5. Generating the provider domain certificate
The provider domain certificate can be generated through specific keystore 'Provider Domain' containing the private/public key pair of the provider domain, as following command line:
{code}
keytool -genkey -alias provider-domain-key -keyalg RSA -keysize 2048 \
-dname "CN=Provider Domain, OU=Petals, O=Linagora, L=Grasse, ST=AM, C=FR" \
-storetype PKCS12 -storepass providerdomainpwd -keystore /tmp/provider-domain.pfx
keytool -exportcert -rfc -alias provider-domain-key \
-keystore /tmp/provider-domain.pfx -storepass providerdomainpwd \
-file /tmp/provider-domain-cert.pem
{code}
h5. Generating the consumer domain certificate
The consumer domain certificate can be generated through specific keystore 'Consumer Domain' containing the private/public key pair of the consumer domain, as following command line:
{code}
keytool -genkey -alias consumer-domain-key -keyalg RSA -keysize 2048 \
-dname "CN=Consumer Domain, OU=Petals, O=Linagora, L=Grasse, ST=AM, C=FR" \
-storetype PKCS12 -storepass consumerdomainpwd -keystore /tmp/consumer-domain.pfx
keytool -exportcert -rfc -alias consumer-domain-key \
-keystore /tmp/consumer-domain.pfx -storepass consumerdomainpwd \
-file /tmp/consumer-domain-cert.pem
{code}
h4. Starting the consumer domain
...