wso2 wso2-esb wso2-enterprise-integrator mutual-authentication

To Invoke Mutual SSL Enabled endpoint in WSO2 EI 6.4.0

I am trying Mutual SSL in WSo2 EI by following exact steps mentioned in this blog

WSO2 EI acts as client and Axis2server is backend

All Pre-requisites mentioned in this blog done and detailed steps are in another raised questions.

Axis2Server started
WSO2 EI Server Started

Pass through Proxy Service:

<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="SSLStockQuoteProxy"
       startOnLoad="true"
       statistics="disable"
       trace="disable"
       transports="http,https">
   <target>
      <outSequence>
         <send/>
      </outSequence>
      <endpoint>
         <address uri="https://axis2.backend.mytest:9002/services/SimpleStockQuoteService"/>
      </endpoint>
   </target>
   <description/>
</proxy>

Invoke the SSLStockQuoteProxy service using a axis2 client

Executed below command at <EI_HOME>/samples/axis2Client/ directory

C:\mutualssl\wso2axis2-6.4.0\wso2ei-6.4.0\samples\axis2Client>ant stockquote -Daddurl=http://localhost:8280/services/SSLStockQuoteProxy

The above command gives me result like below in same axis2 client

My Concern here is that if i invoke this proxy service via Try this Service tool below ERROR response i got.

I tested via API calls also.

API Code:

<api xmlns="http://ws.apache.org/ns/synapse" name="mutualsslapi" context="/mutualsslapi">
   <resource methods="GET">
      <inSequence>
         <log level="custom">
            <property name="INFO:" value="Hit received in Mutualssl API"/>
         </log>
         <call>
            <endpoint>
               <address uri="https://axis2.backend.mytest:9002/services/SimpleStockQuoteService"/>
            </endpoint>
         </call>
         <respond/>
      </inSequence>
      <outSequence/>
      <faultSequence>
         <log level="custom">
            <property name="ERROR_MESSAGE:::: " expression="get-property('ERROR_MESSAGE')"/>
         </log>
         <makefault version="soap11">
            <code xmlns:soap11Env="http://schemas.xmlsoap.org/soap/envelope/" value="soap11Env:Client"/>
            <reason expression="$ctx:ERROR_MESSAGE"/>
            <role/>
         </makefault>
         <send/>
      </faultSequence>
   </resource>
</api>

API Hit via postman:

WSO2 Logs:

[2023-04-05 22:11:00,948] []  INFO - LogMediator INFO: = Hit received in Mutualssl API

Apart from this, nothing printed in Logs when I invoke above mentioned API.

If mutual SSL is enabled, then that mutual ssl enabled endpoint (axis2 services ) call should happen right?

How to Test this Mutual SSL Flow?

Solution

Yes the call should go through if you have all the certificates in place. Your issue is you are not sending the correct Payload or the correct SOAPAction with the request. Which is mandatory if you are doing Soap calls. You can add the correct SOAP header like below before doing the call. Also make sure you send a proper payload to the backend.

<header name="Action" value="urn:getQuote" />