0

I have .crt and privatekey.pem keys which can be used for making HTTPS GET API request.

We can't use these certificates directly in mulesoft for making https API requests.

As far I know it supports Trust store configuration and Key store configuration in the JCEKS, JKS and PKCS12 formats

I have tried using the command below

openssl x509 -outform der -in certificate.private.pem -out certificate.der
keytool -import -alias your-alias -keystore cacerts -file certificate.der

It's failing with the error below after running openssl command mentioned below

unable to load certificate
140706477451034:error:09A2F34C:PEM routines:CRYPTO_internal:no start line:/Library/BuildRoots/97f7341o-dq75-11ed-a4bc-863efbbaf86g/Library/Caches/Sources/libressl/libressl-3.3/crypto/pem/pem_lib.c:694:Expecting: TRUSTED CERTIFICATE

how I can convert my keys to these specific formats and how I can use it while making https get requests from Mulesoft's Anypoint Studio

I didn't find a right article for converting .CRT and .PEM files to Mule supported file formats.

Improve this question
12
  • There are dozen of blogs and previous Stackoverflow answers explaining how to convert certificate formats. Search for how to convert or import those formats to a Java keystore or just PKCS12. By the way you said MuleSoft when you mean Mule runtime. Commented May 18, 2023 at 13:49
  • @aled can you point me to one right blog in which they showed converting .crt and .pem files to pkcs12 format and used it in mulesoft? Commented May 18, 2023 at 13:57
  • google.com/search?q=java+import+pem+to+keystore. I'll leave the CRT search as an exercise Commented May 18, 2023 at 14:03
  • Does this answer your question? Import PEM into Java Key Store Commented May 18, 2023 at 14:04
  • Let me give it a try and confirm Commented May 18, 2023 at 14:05

1 Answer 1

Reset to default
0

We can convert the two .crt and privatekey.pem files into a single JKS file, as required by the Mule HTTP connector for sending HTTPS GET requests with certificates

The commands to convert .crt and privatekey.pem certs into JKS files are listed below.

openssl pkcs12 -export -inkey private_key.pem -in certificate.crt -out keystore.p12

keytool -importkeystore -srckeystore keystore.p12 -srcstoretype PKCS12 -destkeystore keystore.jks -deststoretype JKS

The keystore.jks file will be created and then placed in the mule's project src/main/resource  folder as seen in the picture below.

enter image description here

After adding it, click on + under Basic Settings to add a http connector and set a configuration similar to the one shown in the following picture.

enter image description here

Finally, provide the GET method and the Path as per your API and then deploy the Mule application. It's done.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.