Mirth: calling an SSL SOAP web service with a client certificate

Question

The scenario is around calling an external SSL SOAP web service from within Mirth. The web service is requires an SSL/TLS connection along with a client certificate.

The intention is to use the built-in SOAP Sender Destination to call the remote secure web service, and somehow include that client certificate.

I understand that you first need to install that client certificate into the Java runtime. This may be within the Java runtime's certificate store or the Jetty certstore.

The platform:

• Windows 2003 SP2
• Mirth 1.8
• Java jre1.5.0_09

Question: what configuration steps (Mirth, JRE certificate stores, etc.) would you suggest to successfully have a Mirth SOAP Sender include a client certificate (*.cer) when calling a web service secured by SSL?

Answer 1

Mirth 1.8 cannot send a client cert when calling a SOAP web service.

Answer 2

I'm late a bit here for this but actually there is a possibility that it could. By sending a few config parameters to the JVM you could get the underlying SOAP engine to switch to HTTPs and provide the proper certificate.

refer to this question for details on which parameters to set for configuring the VM

http://stackoverflow.com/questions/1666052/java-https-client-certificate-authentication

you will notice there are quite a few things to take care of. Normally HTTPs and client authentication should "just work" once you configured your certificates appropriately. BUT there are some servers out there that are not so friendly to B2B style clients so you have to watch out.

Using JDK 6_21 and a few tweaks with the certificate I was able to get one of them servers to behave but it was long and painful on our side for something that takes about 15 minutes to configure properly on the server.

here is another question that address this very issue (client side authentication towards unfriendly servers).

http://stackoverflow.com/questions/1531712/client-ssl-authentication-causing-403-7-error-from-iis