2019年10月21日月曜日

[MuleSoft Standalone 3.9] Create pkcs12 files for MuleSoft


 MuleSoft Standalone needs pkcs12 file in order to proxy UiPath Orchestrator REST API. Both Certificate and Private Key files are created by extracting the .pfx file of SSL certificate downloaded from IIS where Orchestrator is running.

○ Environment:

[MuleSoft Standalone]
    Version: 3.9.0
  [MuleSoft Anypoint Studio]
     Version: 6.4
  [OS]
     Windows Server 2016 (for MuleSoft Standalone)
     Windows 10 (for MuleSoft Anypoint Studio)

○ Create a Certificate and Private Key files for MuleSoft.

1. Export .pfx file from IIS where Orchestrator is running.
  1. Open IIS Manager on the server where Orchestrator is running. Then Open "Server Certificate".
  2. Select the certificate file to be exported.
     
  3. Select the "Detail" tab and press "Copy to File..." button.
  4. Press "Next" button.
  5. Select "Yes, export the private key" and press "Next" button.
  6. Check on "Personal Information in the certification path if possible" and press "Next" button.
  7. Input "Password" and "Confirm password" and press "Next" button.
  8. Input "File name" and press "Next" button.
  9. Press "Finish" button. The .pfx file is created.

           

2. Create pkcs12 files.

  1. Openssl must be installed. You can download MSI file for Openssl on Windows from here.
  2. The exported .pfx file must be copied in any directory in the PC where openssl is installed.
  3. Type the below command in the directory that .pfx file is copied in order to convert to pem file.
    4. C:\any directory> openssl pkcs12 -in {.pfx_file_name} -out orchestrator.pem
    Enter Import Password: {input_password_for_pfx_file}
    MAC verified OK
    Enter PEM pas prase: {input_new_password_for_PEM_file}
    Verifying - Enter PEM pass phrase: {retype_new_password}
    Warnug unsupported bag type: secretBag
  4. Type the below command in order to convert pem file to p12 file.
    5. C:\any directory> openssl pkcs12 -export -in {.pfx_file_name} -out orchestrator.p12 -name "orchestratotr"
    Enter pass phrase for orchestrator.pem: {input_password_for_pem_file_above}
    Enter Export Password: {input_new_password_for_pkcs12_file}
    Verifying - Enter Export Password: {retype_new_password}
    unable to write random state'
  5. Do the same for Root Certificate from IIS as well.

  2. Set the configuration for pkcs12 file on Mule Application.

  1. Open Mule App on MuleSoft Anypoint Studio.
  2. Cope pkcs12 file to "resources" directory.
  3. Open "HTTP activity" to set pkcs12 file as certificate.
  4. Set pkcs12 files in configuration for Certificate.

○ Reference:

1. https://slproweb.com/products/Win32OpenSSL.html





投稿者 時刻:

1 件のコメント:

  1. IT2019年11月18日 19:45

    I like your post very much. It is very much useful for my research. I hope you to share more info about this. Keep posting mulesoft certification

    返信削除

登録: コメントの投稿 (Atom)