Friday, March 30, 2018

How To? Mule 4 - 2Way SSL (Two Way SSL) for Anypoint MuleSoft CloudHub or OnPrem

Easy steps on how to integrate 2Way SSL to your MuleSoft Application:

Six easy steps to configure the 2Way SSL:

Note: Hostname or IP must match exactly to make sure it's a valid SSL.

Step 1:
keytool -noprompt -validity 365 -genkey -v -alias server -keyalg RSA -keystore ../ssl/server.keystore -dname "CN=org.api360.apps.ssl,OU=IT,O=arnado,L=KS,ST=Manila,c=cn" -storepass password123 -keypass password123
Step 2:
keytool -noprompt -validity 365 -genkeypair -v -alias client -keyalg RSA -storetype PKCS12 -keystore ../ssl/client.p12 -dname "CN=clientCN,OU=clientOU,O=arnado,L=devLaptop,ST=Manila,c=cn" -storepass password123 -keypass password123
Step 3:
keytool -noprompt -export -v -alias client -keystore ../ssl/client.p12 -storetype PKCS12 -storepass password123 -rfc -file ../ssl/client.cer
Step 4:
keytool -noprompt -export -v -alias server -keystore ../ssl/server.keystore -storepass password123 -rfc -file ../ssl/server.cer
Step 5:
keytool -noprompt -import -v -alias server -file ../ssl/server.cer -keystore ../ssl/client.truststore -storepass password123
Step 6:
keytool -noprompt -import -v -alias client -file ../ssl/client.cer -keystore ../ssl/server.keystore -storepass password123

I've run the steps and have provided an expected or similar output using Console (MacOS)

Step 1
keytool -noprompt -validity 365 -genkey -v -alias server -keyalg RSA -keystore ../ssl/server.keystore -dname "CN=org.api360.apps.ssl,OU=IT,O=arnado,L=KS,ST=Manila,c=cn" -storepass pA5sw0rd2018 -keypass pAs5w0rd2018
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days
for: CN=org.api360.apps.ssl, OU=IT, O=arnado, L=KS, ST=Manila, C=cn
[Storing ../ssl/server.keystore]

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".

Step 2
keytool -noprompt -validity 365 -genkeypair -v -alias client -keyalg RSA -storetype PKCS12 -keystore ../ssl/client.p12 -dname "CN=cnClient,OU=ouClient,O=arnado,L=VirtualDev,ST=Manila,c=cn" -storepass pA5sw0rd2018 -keypass pAs5w0rd2018
Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified -keypass value.
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days
for: CN=cnClient, OU=ouClient, O=arnado, L=VirtualDev, ST=Manila, C=cn
[Storing ../ssl/client.p12]

Step 3
keytool -noprompt -export -v -alias client -keystore ../ssl/client.p12 -storetype PKCS12 -storepass pA5sw0rd2018 -rfc -file ../ssl/client.cer
Certificate stored in file <../ssl/client.cer>

Step 4
keytool -noprompt -export -v -alias server -keystore ../ssl/server.keystore -storepass pA5sw0rd2018 -rfc -file ../ssl/server.cer
Certificate stored in file <../ssl/server.cer>

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".

Step 5
keytool -noprompt -import -v -alias server -file ../ssl/server.cer -keystore ../ssl/client.truststore -storepass pA5sw0rd2018
Certificate was added to keystore
[Storing ../ssl/client.truststore]

Step 6
keytool -noprompt -import -v -alias client -file ../ssl/client.cer -keystore ../ssl/server.keystore -storepass pA5sw0rd2018
Certificate was added to keystore
[Storing ../ssl/server.keystore]

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore ../ssl/server.keystore -destkeystore ../ssl/server.keystore -deststoretype pkcs12".

Monday, January 15, 2018

Side Track: Send Money To Philippines No Fee or Lower Fee for Instance Send


I know this is not a tech topic but I just want to share my experience when sending money and cheap and easy.

I found Remitly site as an alternative of Xoom. I've been a Xoom customer but it seems, there fee is high and their exchange rate is low.

I'm not paid to promote either Remitly or Xoom. I am just sharing my thought to the world on how you can save. To cut the story short, I found Remitly as way cheaper with the same services that Xoom does but Remitly is free when you send it and use your checking account. But, if you want to send an instant money, you can use Debit with lower fee and better exchange rate than Xoom.

Anyway, you can compare it by yourself but if you want to enroll or sign-up to Remitly please use the link because to tell you honestly, I will get a credit too. Once you sign-up, try to invite your circle of friends too and you will get a credit as well. The more the merrier.

Again "please / paki / palihug lang / mabalin" click or use the link

Thank you and Happy 2018!