4. Safe Harbour Statement
● Both the speaker and the host are organizing this meet-up in an individual capacity only.
We are not representing our companies here.
● This presentation is strictly for learning purposes only.
● The organizers/presenter take no responsibility that the same solution will work for
your business requirements.
● This presentation is not meant for any promotional activities.
5. Housekeeping
A recording of this meetup will be uploaded to the events page within 24 hours.
Questions can be submitted/asked at any time in the Chat/Questions & Answers tab.
Make it more interactive!
Give us feedback! Rate this meetup session by filling in the feedback form at the end of the day.
We love feedback! It's bread and butter for the meetup.
6. Introduction
● About the Organizers
Shubham Chaurasia
Billennium India
Pro Integration Developer
A SHOW OF HANDS:
Who is new to this Meetup?
Giridhar Meka
Sr. Technical Architect
linkedin.com/in/giridharmeka
linkedin.com/in/shubhamchaurasia1
7. Introduction
● About the Speaker
Shaik Irfan Ahamed
Sr. Software Engineer
3.6 years of working experience as a MuleSoft Developer
Certified MuleSoft Developer and Integration Architect
Currently working for HashedIn By Deloitte as Senior Software Engineer
8. Agenda
● Introductions
o What is SSL/TLS?
o What is a Digital Certificate?
o How to implement one-way SSL?
o How to implement two-way SSL?
● Demo
● Trivia
9. SSL/TLS:
SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for
establishing authenticated and encrypted links between networked computers.
HTTPS:
Hypertext Transfer Protocol Secure (HTTPS) is a combination of HTTP with the SSL/TLS protocol.
10. SSL/TLS has 3 Goals
Confidentiality – Provided by Encryption
Integrity – Provided by Hashing technique
Authentication – Provided by Certificates
SSL/TLS Handshake
11. Confidentiality
Confidentiality can be achieved by encryption.
There are two types of encryption in widespread use today: symmetric and
asymmetric encryption.
Symmetric encryption uses a single key to both encrypt and decrypt data.
Asymmetric encryption uses different keys (a public-private key pair) to encrypt
Asymmetric encryption is used to initialize the encrypted conversation between two
users, while symmetric encryption is used for the duration of the communication.
13. Integrity…
Hashing is used to provide Integrity
Both parties establish a mutual secret key
Sender combines Message + Secret key to create Digest
Receiver verifies by calculating hash of Message + secret key
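The sender/receiver check described on this slide, as an added Java example that is not from the presentation. It assumes HMAC-SHA256 as the keyed hash (the slide names no algorithm); the secret and the messages are constructed sample values.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class IntegrityCheck {
    // Sender: keyed digest over the message using the shared secret.
    static byte[] digest(byte[] secret, byte[] message) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256"); // algorithm choice is an assumption
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(message);
    }

    // Receiver: recompute the digest and compare it in constant time.
    static boolean verify(byte[] secret, byte[] message, byte[] received) throws Exception {
        return MessageDigest.isEqual(digest(secret, message), received);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values; in TLS the secret comes out of the handshake.
        byte[] secret = "constructed-shared-secret".getBytes(StandardCharsets.UTF_8);
        byte[] sent = "amount=100;to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] tag = digest(secret, sent);

        byte[] tampered = "amount=900;to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] otherSecret = "some-other-secret".getBytes(StandardCharsets.UTF_8);

        System.out.println("unmodified message accepted: " + verify(secret, sent, tag));
        System.out.println("modified message accepted: " + verify(secret, tampered, tag));
        System.out.println("digest from another secret accepted: "
                + verify(secret, sent, digest(otherSecret, sent)));
    }
}
```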
14. Authentication
Prove your Identity
A digital certificate is needed to prove identity
A digital signature by itself does not verify the actual identity of the sender
15. Digital Certificates
Digital certificates are electronic credentials issued by a trusted third party; a certificate verifies the
identity of the owner and the owner's public key.
16. SSL Handshake Protocol
The user initiates the connection by typing the website address. The browser initiates
SSL/TLS communication by sending a message to the website’s server.
The website's server sends back the public key or certificate to the user's browser.
The user's browser checks the public key or certificate. If it is OK, it creates a symmetric
key and sends it back to the website's server. If the certificate is not OK, the
communication fails.
On receiving the symmetric key, the website's server sends the requested data
encrypted with that key.
The user's browser decrypts the content using the symmetric key, which completes the
SSL/TLS handshake. The user can see the content now that the connection is established.
18. Keystore & Truststore
A keystore is used to store the private key and identity certificates that a specific program
should present to the other party (server or client) for verification.
A truststore is used to store certificates from Certificate Authorities (CA) that verify the
certificate presented by the server in an SSL connection.
19. One-Way SSL
The client requests data from the server over HTTPS, which initiates the
SSL/TLS handshake process.
The server returns its public certificate and public key to the client along with the
server hello message.
The client validates the received server certificate with the certificate
authority (CA).
The client sends back a symmetric session key encrypted using the server's public key.
The server decrypts the symmetric session key using its private key and sends back
an encrypted session key to start the encrypted session.
21. Two-way SSL
The client requests data from the server over HTTPS.
The server returns its public certificate and public key to the client along with the
server hello message.
The client validates the received server certificate with the certificate
authority (CA).
The client sends back its client certificate along with a symmetric session key encrypted using the
server's public key.
The server validates the received client certificate with the certificate
authority (CA).
After completion of the handshake process, the client and server communicate and
transfer data with each other, encrypted with the secret keys shared between the two
during the handshake.
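The keystore and truststore roles and the one-way versus two-way difference from the slides above, as an added Java (JSSE) example that is not from the presentation. The PKCS12 store type, port 8443 and the command-line arguments are assumptions.

```java
import javax.net.ssl.*;
import java.io.FileInputStream;
import java.security.KeyStore;

public class TlsModes {
    static KeyStore load(String path, char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12"); // store type is an assumption
        try (FileInputStream in = new FileInputStream(path)) { ks.load(in, pw); }
        return ks;
    }

    // keystore = own private key + certificate; truststore = CA certificates used to verify the peer.
    static SSLContext context(KeyStore keystore, char[] keyPw, KeyStore truststore) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keystore, keyPw);   // null keystore: no identity to present (one-way client)
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(truststore);        // null truststore: the JDK's default CA certificates
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // One-way: the server only presents its certificate. Two-way: it also demands one from the client.
    static SSLServerSocket listen(SSLContext ctx, int port, boolean twoWay) throws Exception {
        SSLServerSocket s = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(port);
        s.setNeedClientAuth(twoWay); // true: handshake fails unless the client certificate is trusted
        return s;
    }

    // Client side: a raw SSLSocket validates the chain but checks the host name only when asked to.
    static SSLSocket connect(SSLContext ctx, String host, int port) throws Exception {
        SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        SSLParameters p = s.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS");
        s.setSSLParameters(p);
        s.startHandshake();
        return s;
    }

    public static void main(String[] a) throws Exception {
        // args: <server keystore> <server truststore> <password>; port 8443 is a placeholder
        char[] pw = a[2].toCharArray();
        try (SSLServerSocket s = listen(context(load(a[0], pw), pw, load(a[1], pw)), 8443, true)) {
            System.out.println("two-way listener, needClientAuth=" + s.getNeedClientAuth());
        }
    }
}
```

A two-way client calls `context` with its own keystore as well as a truststore; a one-way client passes `null` for the keystore.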
25. Take a stand!
● Nominate yourself for the next meetup speaker and suggest a topic as well.
26. What’s next?
● Share:
○ Tweet using the hashtag #MuleSoftMeetups
○ Join Mysore Group: https://meetups.mulesoft.com/mysore/
● Feedback:
○ Fill out the survey feedback and suggest topics for upcoming events
○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program
○ Reach out to Mysore Meetup Leaders (Shubham/Giridhar) to suggest topics for next Meetup
27. Quiz Time
Get ready to WIN a MuleSoft Voucher from MuleSoft