Mule HTTPS access

Question

To access my test I use http://hostDesired.com/service?WSDL: it's a regular service proxy running direct into Mule.

How can I change it to be able to access using https://hostDesired.com/service?WSDL? What I tried and did not work was:

<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:ssl="http://www.mulesoft.org/schema/mule/ssl" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core"
    xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns:https="http://www.mulesoft.org/schema/mule/https"
    xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:spring="http://www.springframework.org/schema/beans" xmlns:http="http://www.mulesoft.org/schema/mule/http"
    xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern"
    xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
    xmlns:ss="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd
http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.4/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.4/mule-http.xsd
http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/3.4/mule-pattern.xsd
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.4/mule-spring-security.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.mulesoft.org/schema/mule/ssl http://www.mulesoft.org/schema/mule/ssl/current/mule-ssl.xsd" version="EE-3.4.0">

    <mule-ss:security-manager>
        <mule-ss:delegate-security-provider
            name="memory-dao" delegate-ref="authenticationManager" />
    </mule-ss:security-manager>

    <spring:beans>
        <ss:authentication-manager alias="authenticationManager">
            <ss:authentication-provider>
                <ss:user-service id="userService">
                    <ss:user name="asd" password="asd" authorities="ROLE_ADMIN" />
                </ss:user-service>
            </ss:authentication-provider>
        </ss:authentication-manager>
    </spring:beans>

    <https:connector name="httpsConnector">
    <https:tls-key-store path="keystore.jks"
        keyPassword="${jks.password}" storePassword="${jks.password}" />
    </https:connector>

    <pattern:web-service-proxy name="ProxyService"
          inboundAddress="https://desiredHost/services/Services/Service"
          outboundAddress="http://remoteHost/services/Service.svc"
          wsdlLocation="http://remoteHost/services/Service.svc?singleWSDL"/>

</mule>

It didn't work... how or what can i do to change it into Mule?

The basic idea is to add encryption from client to the proxy server.

Answer 1

When you use an HTTPS inbound endpoint, you need to configure the HTTPS connector so Mule knows what certificate(s) to use when handling the requests.

Refer to the HTTPS connector's configuration page: http://www.mulesoft.org/documentation/display/current/HTTPS+Transport+Reference

Since it's quite confusing on the doc, let me add that all you need is a correctly configured https:tls-key-store element in https:connector, similar to:

<https:connector name="httpsConnector">
    <https:tls-key-store path="keystore.jks"
        keyPassword="${jks.password}" storePassword="${jks.password}" />
</https:connector>

This sample assumes that your keystore file is named keystore.jks and is available on the classpath. Also it assumes that you have declared the jks.password property and that you use the same password for both the keystore and the key. Adapt it to your own situation.