In my previous post Oracle API Gateway: Configure Inbound one way ssl in OAG I showed you how to enable one way ssl in oracle application gateway for the inbound communication. In this blog post I am going to configure one way ssl certificate for outbound communication for example suppose you want to call a http service which is secured by SSL certificates.
Note: I don't have the ssl service so that I can show as an example but I will list down all the basic steps require to configure outbound ssl communication
Steps to configure outbound one way SSL in OAG:
- Extract the Public Key cert
- Import Certificate in OAG
- Create Policy for SSL outbound connection in OAG
- Create HTTP listener to consume this policy
Extract the Public Key cert
- Go to Command Prompt or Putty --> run the command openssl s_client -connect HOSTNAME:PORT
- The Key is printed on the screen, copy the key and save it to the file e.g. testcert.cer
Import Certificate in OAG
- Go to Certificates and Keys --> certificates tab --> click on create/import
- Click import to import the finacle certificate created above, and give some alias name e.g. testcert.cer
Create Policy for SSL outbound connection in OAG
- Go to Policies --> Create container "Outbound" --> Add Policy "SSL"
- Drag and drop Connect to URL filter, configure as below
- Go to SSL Tab --> and select the finacle cert you have imported before like below
- Click OK and Finish wizard
Create HTTP listener to consume this policy
- Go to Listerners --> Oracle API Gateway --> Default Services --> Paths --> Add new Relative path and use the policy created above
- Click OK and deploy all the configurations.
hostname verification error
Hostname verification should be disable. If the issue persist try to make machine hostname and CN name in the certificate same.