TIBCO BW6 SSL Rest Web Service Tutorial: One Way & Two Way SSL in BW6 REST Service

By | December 24, 2020

TIBCO BW6 provides a graphical & developer-friendly eclipse based IDE known as Business Studio to design & implement business processes by utilizing readily available palettes and activities. For implementation of REST web services in BW6, TIBCO BW provides a great feature-rich support in Business Studio without installing and setting up any additional plugins contrary to TIBCO BW5 where a separate REST & JSON Plugin was needed in order to implement Restful web services.

When we need to secure our TIBCO BW6 REST web services, we need to use the power of TIBCO BW6 to configure one-way or Mutual SSL which provides transport level security to our web services. To configure our HTTP connection with one-way or two-way SSL, TIBCO BW6 provides some shared resources which we need to duly configure to turn our HTTP service into HTTPS service quite efficiently and conveniently.

In this TIBCO BW6 SSL Tutorial, we will see how to configure one-way SSL for TIBCO BW6 REST Service and then we will see how to configure Two Way SSL (Mutual SSL) in TIBCO BusinessWorks 6.x Rest web service. In another tutorial, I explained step by step how to invoke or consume a REST Web Service Using TIBCO BW6.

Step by Step Tutorial for One-Way and Two Way SSL configuration in TIBCO BW6

All the steps that you need to perform for implementation of a secure web service with one way and two way SSL have been covered in below video tutorial on YouTube channel of TutorialsPedia with a simple use-case. For this tutorial, Keystores and Certificates have been generated locally without and no CA signing has been done. You can refer to my tutorials on how to generate self signed certificate using OpenSSL if you want to use OpenSSL for creating keystore. Alternatively you can use Java Keytool to generate self-signed certificates and keystores and if you prefer a graphical tool instead of command line, you can refer to my tutorial explaining how to use Portecle to generate self-signed certificates and keystores.

If we briefly sum-up all the steps from this TIBCO BW6 SSL REST Service video tutorial, here are the steps:

  • Create a TIBCO BW Project in Business Studio and add a REST Web Service.
  • Implement business logic in the process with some valid response in Reply activity.
  • Configure HTTP connection by providing host & port. Under Security, check Confidentiality checkbox.
  • Make sure that you have Server Keystore, Client Public Certificate (for two way SSL scenario) ready. For this, refer to above links to generate self-signed certificates using OpenSSL or Keytool or Portecle.
  • Configure SSL Server Resource. In SSL Server Resource provide reference to a KeyStore Resource (choose Create a New Shared Resource Option for that). For SSL Server Resource, you will also need to provide alias and password.
  • When configuring Server Keystore, for URL, provide reference to your server keystore JKS file and provide its password. In case if you created PK12 instead of JKS, you will have to choose the type as PKCS#12 in type drop down list.
  • In case of Two way SSL, you will need to check Enable Mutual Authentication checkbox in SSL Server Resource Configuration and then provide reference to a truststore.
  • TrustStore should have reference to a store where you should have already imported client trusted certificate. You can use cacerts truststore for this purpose which is already available in TIBCO JRE under security folder.
  • Once you have everything configured as above, you should be able to access the service from a client.
  • In case of one-way SSL, you should be able to access your service from client without configuring client identity but in case of two way SSL, client side should be configured with its own keystore as its identity.

You may refer to another post on this blog explaining How One Way and Two-Way SSL works and what are the differences between one way and two way SSL from conceptual perspective.

Feel free to comment below if you have any questions or need any further clarity on this topic.


Ajmal Abbasi

Ajmal Hussain Abbasi is Integration Consultant By Profession with 12+ years experience in Integration domain mainly with TIBCO products. He has extensive practical knowledge of TIBCO Business Works, TIBCO Cloud, TIBCO Flogo, TIBCO Mashery, TIBCO Spotfire, EMS and TIBCO ActiveSpaces. He has worked on a number of highly critical integration projects in various sectors by using his skills in TIBCO Flogo, TIBCO API Management (Mashery), TCI, Tibco Designer, TIBCO Business Studio, Adapters, TIBCO EMS, RV, Administrator, TIBCO BE, TIBCO ActiveSpaces etc. Ajmal Abbasi has experience with MuleSoft ESB as well. Ajmal Abbasi is also experienced in the area of API Management particularly with WSO2 API management platforms. Ajmal Abbasi is also experienced in developing solutions using Core Java and J2EE Technologies. You can contact Ajmal Abbasi for Consultancy, Technical Assistance and Technical Discussions.

More Posts - Website - Facebook - LinkedIn - YouTube

One thought on “TIBCO BW6 SSL Rest Web Service Tutorial: One Way & Two Way SSL in BW6 REST Service

  1. Pingback: Develop REST Service in BW6 Step by Step Tutorial | TutorialsPedia

Leave a Reply

Your email address will not be published. Required fields are marked *