How To? Mule 4 - 2Way SSL (Two Way SSL) for Anypoint MuleSoft CloudHub or OnPrem

Easy steps on how to integrate 2Way SSL to your MuleSoft Application:

Six easy steps to configure the 2Way SSL:

Note: Hostname or IP must match exactly to make sure it's a valid SSL.

Step 1:

keytool -noprompt -validity 365 -genkey -v -alias server -keyalg RSA -keystore ../ssl/server.keystore -dname "CN=org.api360.apps.ssl,OU=IT,O=arnado,L=KS,ST=Manila,c=cn" -storepass password123 -keypass password123

Step 2:

keytool -noprompt -validity 365 -genkeypair -v -alias client -keyalg RSA -storetype PKCS12 -keystore ../ssl/client.p12 -dname "CN=clientCN,OU=clientOU,O=arnado,L=devLaptop,ST=Manila,c=cn" -storepass password123 -keypass password123

Step 3:

keytool -noprompt -export -v -alias client -keystore ../ssl/client.p12 -storetype PKCS12 -storepass password123 -rfc -file ../ssl/client.cer

Step 4:

keytool -noprompt -export -v -alias server -keystore ../ssl/server.keystore -storepass password123 -rfc -file ../ssl/server.cer

Step 5:

keytool -noprompt -import -v -alias server -file ../ssl/server.cer -keystore ../ssl/client.truststore -storepass password123

Step 6:

keytool -noprompt -import -v -alias client -file ../ssl/client.cer -keystore ../ssl/server.keystore -storepass password123

I've run the steps and have provided an expected or similar output using Console (MacOS)

Step 1
keytool -noprompt -validity 365 -genkey -v -alias server -keyalg RSA -keystore ../ssl/server.keystore -dname "CN=org.api360.apps.ssl,OU=IT,O=arnado,L=KS,ST=Manila,c=cn" -storepass pA5sw0rd2018 -keypass pAs5w0rd2018
---
Output:
---
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days
for: CN=org.api360.apps.ssl, OU=IT, O=arnado, L=KS, ST=Manila, C=cn
[Storing ../ssl/server.keystore]

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".
---

Step 2
keytool -noprompt -validity 365 -genkeypair -v -alias client -keyalg RSA -storetype PKCS12 -keystore ../ssl/client.p12 -dname "CN=cnClient,OU=ouClient,O=arnado,L=VirtualDev,ST=Manila,c=cn" -storepass pA5sw0rd2018 -keypass pAs5w0rd2018
---
Output
---
Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified -keypass value.
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days
for: CN=cnClient, OU=ouClient, O=arnado, L=VirtualDev, ST=Manila, C=cn
[Storing ../ssl/client.p12]
---

Step 3
keytool -noprompt -export -v -alias client -keystore ../ssl/client.p12 -storetype PKCS12 -storepass pA5sw0rd2018 -rfc -file ../ssl/client.cer
---
Output
---
Certificate stored in file <../ssl/client.cer>
---

Step 4
keytool -noprompt -export -v -alias server -keystore ../ssl/server.keystore -storepass pA5sw0rd2018 -rfc -file ../ssl/server.cer
---
Output
---
Certificate stored in file <../ssl/server.cer>

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".
---

Step 5
keytool -noprompt -import -v -alias server -file ../ssl/server.cer -keystore ../ssl/client.truststore -storepass pA5sw0rd2018
---
Output
---
Certificate was added to keystore
[Storing ../ssl/client.truststore]
---

Step 6
keytool -noprompt -import -v -alias client -file ../ssl/client.cer -keystore ../ssl/server.keystore -storepass pA5sw0rd2018
---
Output
---
Certificate was added to keystore
[Storing ../ssl/server.keystore]

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".

Side Track: Send Money To Philippines No Fee or Lower Fee for Instance Send http://remit.ly/1vs5eot

Hi,

I know this is not a tech topic but I just want to share my experience when sending money and cheap and easy.

I found Remitly site as an alternative of Xoom. I've been a Xoom customer but it seems, there fee is high and their exchange rate is low.

I'm not paid to promote either Remitly or Xoom. I am just sharing my thought to the world on how you can save. To cut the story short, I found Remitly as way cheaper with the same services that Xoom does but Remitly is free when you send it and use your checking account. But, if you want to send an instant money, you can use Debit with lower fee and better exchange rate than Xoom.

Anyway, you can compare it by yourself but if you want to enroll or sign-up to Remitly please use the link http://remit.ly/1vs5eot because to tell you honestly, I will get a credit too. Once you sign-up, try to invite your circle of friends too and you will get a credit as well. The more the merrier.

Again "please / paki / palihug lang / mabalin" click or use the link http://remit.ly/1vs5eot

Thank you and Happy 2018!