SlideShare a Scribd company logo

Securing the network communication using One-way SSL & Two-way SSL | MuleSoft Mysore Meetup #18

Download as PPTX, PDF
M
MysoreMuleSoftMeetup

Securing the network communication using One-way SSL & Two-way SSL | MuleSoft Mysore Meetup #18 Event Link:- https://meetups.mulesoft.com/events/details/mulesoft-mysore-presents-learn-more-about-securing-the-network-communication-using-one-way-ssl-two-way-ssl/ -What is SSL/TLS ? -What is a Digital Certificate? -How to implement one-way SSL? -How to implement two-way SSL? Mysore WhatsApp group:- https://chat.whatsapp.com/EhqtHtCC75vCAX7gaO842N Youtube:- youtube.com/@mulesoftmysore Speaker:- Shaik Irfan Ahamed:- https://www.linkedin.com/in/shaik-irfan-ahamed-13a479117/ Organizers:- Shubham Chaurasia - https://www.linkedin.com/in/shubhamchaurasia1/ Giridhar Meka - https://www.linkedin.com/in/giridharmeka

Education
1 of 28
1
December 08, 2022 Mysore MuleSoft Meetup Implementing one-way & two-way SSL
3
Safe Harbour Statement ● Both the speaker and the host are organizing this meet-up in individual capacity only. We are not representing our companies here. ● This presentation is strictly for learning purposes only. ● Organizer/Presenter do not hold any responsibility that same solution will work for your business requirements. ● This presentation is not meant for any promotional activities. 4
A recording of this meetup will be uploaded to events page within 24 hours. Questions can be submitted/asked at any time in the Chat/Questions & Answers Tab. Make it more Interactive!!! Give us feedback! Rate this meetup session by filling feedback form at the end of the day. We Love Feedbacks!!! Its Bread & Butter for Meetup. Housekeeping 5
Introduction ● About the Organizers 6 Shubham Chaurasia Billennium India Pro Integration Developer A SHOW OF HANDS: Who is new to this Meetup? Giridhar Meka Sr. Technical Architect linkedin.com/in/giridharmeka linkedin.com/in/shubhamchaurasia1
 3.6 years of working experience as MuleSoft Developer  Certified MuleSoft Developer and Integration Architect  Currently working for HashedIn By Deloitte as Senior Software Engineer 7 Shaik Irfan Ahamed Sr. Software Engineer Introduction ● About the Speaker
Agenda ● Introductions o What is SSL/TLS ? o What is a Digital Certificate? o How to implement one-way SSL? o How to implement two-way SSL? ● Demo ● Trivia 8
SSL/TLS : SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers HTTPS: Hypertext Transfer Protocol Secure (https) is a combination of HTTP with the SSL/ TLS protocol 9
 Confidentiality – Provided by Encryption  Integrity – Provided by Hashing technique  Authentication – Provided by Certificates SSL/TLS Handshake 10 SSL/TLS has 3 Goals
Confidentiality  Confidentiality can be achieved by Encryption  There are two types of encryption in widespread use today: symmetric and asymmetric encryption.  Symmetric encryption uses a single key to both encrypt and decrypt data  Asymmetric encryption uses a different keys (public-private keypair) to encrypt  Asymmetrical encryption is used to initialize the encrypted conversation between two users, while symmetrical encryption is used for the duration of the communication. 11
Integrity 12
Integrity…  Hashing is used to provide Integrity  Both parties establish a mutual secret key  Sender combines Message + Secret key to create Digest  Receiver verifies by calculating hash of Message + secret key 13
Authentication  Prove your Identity  Digital Certificate is needed to prove the Identity  Digital Signature itself does not verify the actual identity of the sender 14 Alice Alice
Digital Certificates Digital certificates are electronic credentials issued by a trusted third-party, it verifies the identity of the owner and the owner public key 15
SSL Handshake Protocol  The user initiates the connection by typing the website address. The browser initiates SSL/TLS communication by sending a message to the website’s server.  The website's server sends back the public key or certificate to the user's browser.  User's browser checks for a public key or certificate. If it is ok, it creates a symmetric key and sends it back to the website's server. If the certificate is not ok, the communication fails.  On receiving the symmetric key, the website's server sent the key and encrypted the requested data.  The user's browser decrypts the content using a symmetric key, which completes the SSL/TLS handshake. The user can see content as now connection is established 16
SSL Handshake Protocol… 17
Keystore & Truststore  Keystore is used to store private key and identity certificates that a specific program should present to both parties (server or client) for verification.  Truststore is used to store certificates from Certified Authorities (CA) that verify the certificate presented by the server in SSL connection. 18
One-Way SSL  Client requests for data on HTTPS protocol to the server. That going to initiates the SSL/TLS handshake process.  Server returns with its public certificate and public key to the client along with the server hello message  The client validates/verifies the received server certificates with CA’s certification authority  The client sends back with a symmetric session key using the server’s public key  The server decrypts the symmetric session key using its private key and sends back an encrypted session key to start the encrypted session 19
One-Way SSL… 20
Two-way SSL  Client requests for data on HTTPS protocol to the server.  Server returns with its public certificate and public key to the client along with the server hello message.  The client validates/verifies the received server certificates with CA’s certification authority  The client sends back a client certificate with a symmetric session key using the server’s public key.  The server validates/verifies the received client certificates with CA’s certification authority  After completion of the handshake process, client and server communicate and transfer data with each other encrypted with the secret keys shared between the two during a handshake 21
Two-way SSL… 22
Demo
Q&A
Take a stand ! ● Nominate yourself for the next meetup speaker and suggest a topic as well. 25
● Share: ○ Tweet using the hashtag #MuleSoftMeetups ○ Join Mysore Group: https://meetups.mulesoft.com/mysore/ ● Feedback: ○ Fill out the survey feedback and suggest topics for upcoming events ○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program ○ Reach out to Mysore Meetup Leaders (Shubham/Giridhar) to suggest topics for next Meetup What’s next? 26
Get ready to WIN a MuleSoft Voucher from MuleSoft Quiz Time
Thank you

Recommended

Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLCalicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLAnoopRamachandran13
 
Understanding transport-layer_security__ssl
Understanding transport-layer_security__sslUnderstanding transport-layer_security__ssl
Understanding transport-layer_security__sslMainak Goswami
 
Indianapolis mule soft_meetup_30_jan_2021 (1)
Indianapolis mule soft_meetup_30_jan_2021 (1)Indianapolis mule soft_meetup_30_jan_2021 (1)
Indianapolis mule soft_meetup_30_jan_2021 (1)ikram_ahamed
 
The last picks
The last picksThe last picks
The last picksNafiur Rahman Tuhin
 
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!Wilco Alsemgeest
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Https presentation
Https presentationHttps presentation
Https presentationpatel jatin
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 

Recommended

Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLCalicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSL
Calicut MuleSoft Meetup Group - #13 Implementing One-Way and Two-Way SSLAnoopRamachandran13
 
Understanding transport-layer_security__ssl
Understanding transport-layer_security__sslUnderstanding transport-layer_security__ssl
Understanding transport-layer_security__sslMainak Goswami
 
Indianapolis mule soft_meetup_30_jan_2021 (1)
Indianapolis mule soft_meetup_30_jan_2021 (1)Indianapolis mule soft_meetup_30_jan_2021 (1)
Indianapolis mule soft_meetup_30_jan_2021 (1)ikram_ahamed
 
The last picks
The last picksThe last picks
The last picksNafiur Rahman Tuhin
 
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!
JoomlaDay Austria 2016 - Presentation Why and how to use HTTPS on your website!Wilco Alsemgeest
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Https presentation
Https presentationHttps presentation
Https presentationpatel jatin
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 
ssl
sslssl
sslsjyuva
 
Https
HttpsHttps
HttpsBilla Kota Sriram
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
presentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfpresentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfGumanSingh10
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
Lecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security BreachLecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security BreachDr. Ramchandra Mangrulkar
 
SSL/TLS Handshake
SSL/TLS HandshakeSSL/TLS Handshake
SSL/TLS HandshakeArpit Agarwal
 
SSL-image
SSL-imageSSL-image
SSL-imageRajat Toshniwal
 
Lecture17
Lecture17Lecture17
Lecture17Châu Thanh Chương
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
Lecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLSLecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLSDr. Ramchandra Mangrulkar
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular jsBixlabs
 
Details about the SSL Certificate
Details about the SSL CertificateDetails about the SSL Certificate
Details about the SSL CertificateCheapSSLUSA
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryptionMohammad Yousri
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityJyothishmathi Institute of Technology and Science Karimnagar
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerceNishant Pahad
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Web application security part 02
Web application security part 02Web application security part 02
Web application security part 02G Prachi
 
OWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David JohanssonOWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David JohanssonDavid Johansson
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer SecurityByronKimani
 
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...MysoreMuleSoftMeetup
 
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40MysoreMuleSoftMeetup
 

More Related Content

Similar to Securing the network communication using One-way SSL & Two-way SSL | MuleSoft Mysore Meetup #18

presentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfpresentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfGumanSingh10
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular jsBixlabs
 
Details about the SSL Certificate
Details about the SSL CertificateDetails about the SSL Certificate
Details about the SSL CertificateCheapSSLUSA
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerceNishant Pahad
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Web application security part 02
Web application security part 02Web application security part 02
Web application security part 02G Prachi
 
OWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David JohanssonOWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David JohanssonDavid Johansson
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer SecurityByronKimani
 

Similar to Securing the network communication using One-way SSL & Two-way SSL | MuleSoft Mysore Meetup #18 (20)

ssl
sslssl
ssl
 
Https
HttpsHttps
Https
 
SSL
SSLSSL
SSL
 
presentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdfpresentation2-151203145018-lva1-app6891.pdf
presentation2-151203145018-lva1-app6891.pdf
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Lecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security BreachLecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security Breach
 
SSL/TLS Handshake
SSL/TLS HandshakeSSL/TLS Handshake
SSL/TLS Handshake
 
SSL-image
SSL-imageSSL-image
SSL-image
 
Lecture17
Lecture17Lecture17
Lecture17
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
 
Lecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLSLecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLS
 
O auth2 with angular js
O auth2 with angular jsO auth2 with angular js
O auth2 with angular js
 
Details about the SSL Certificate
Details about the SSL CertificateDetails about the SSL Certificate
Details about the SSL Certificate
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerce
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key Infrastructure
 
Web application security part 02
Web application security part 02Web application security part 02
Web application security part 02
 
OWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David JohanssonOWASP London 16 Jan-2017 - Identities Exposed by David Johansson
OWASP London 16 Jan-2017 - Identities Exposed by David Johansson
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer Security
 

More from MysoreMuleSoftMeetup

MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...MysoreMuleSoftMeetup
 
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40MysoreMuleSoftMeetup
 
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...MysoreMuleSoftMeetup
 
State Management in Mule applications | MuleSoft Mysore Meetup #42
State Management in Mule applications | MuleSoft Mysore Meetup #42State Management in Mule applications | MuleSoft Mysore Meetup #42
State Management in Mule applications | MuleSoft Mysore Meetup #42MysoreMuleSoftMeetup
 
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41MysoreMuleSoftMeetup
 
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39MysoreMuleSoftMeetup
 
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38MysoreMuleSoftMeetup
 
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37MysoreMuleSoftMeetup
 
Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36MysoreMuleSoftMeetup
 
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35MysoreMuleSoftMeetup
 
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...MysoreMuleSoftMeetup
 
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...MysoreMuleSoftMeetup
 
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32MysoreMuleSoftMeetup
 
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...MysoreMuleSoftMeetup
 
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30MysoreMuleSoftMeetup
 
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29MysoreMuleSoftMeetup
 
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27MysoreMuleSoftMeetup
 
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...MysoreMuleSoftMeetup
 
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...MysoreMuleSoftMeetup
 
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...MysoreMuleSoftMeetup
 

More from MysoreMuleSoftMeetup (20)

MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
MuleSoft Integration with AWS Lambda [Serverless Function] | MuleSoft Mysore ...
 
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
Munits in Mule 4 [Deep-Dive] | MuleSoft Mysore Meetup #40
 
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...
Unlocking Seamless End-to-End Automation with the MuleSoft Automation Suite |...
 
State Management in Mule applications | MuleSoft Mysore Meetup #42
State Management in Mule applications | MuleSoft Mysore Meetup #42State Management in Mule applications | MuleSoft Mysore Meetup #42
State Management in Mule applications | MuleSoft Mysore Meetup #42
 
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41
Anypoint Code Builder (ACB) + AI + Hands-On | MuleSoft Mysore Meetup #41
 
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39
Transaction Management in Mule 4 | MuleSoft Mysore Meetup #39
 
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38
Exploring the realms of MuleSoft RPA | MuleSoft Mysore Meetup #38
 
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37
Payment Integration using Braintree Connector | MuleSoft Mysore Meetup #37
 
Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36Azure DevOps Pipeline setup for Mule APIs #36
Azure DevOps Pipeline setup for Mule APIs #36
 
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35
Mastering the Puzzle Integration Patterns Decoded | MuleSoft Mysore Meetup #35
 
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...
Discovering Seamless Integration: MuleSoft, AWS and Snowflake | MuleSoft Myso...
 
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...
Application Design Thinking wrt Integration Architecture - Part II | MuleSoft...
 
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32
HL7 Integration using Mulesoft | MuleSoft Mysore Meetp #32
 
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...
Application Design Thinking wrt Integration Architecture - Part I | MuleSoft ...
 
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30
Slack and ChatGPT Integration using MuleSoft | MuleSoft Mysore Meetup #30
 
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
 
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27
MuleSoft Integration with ChatGPT — Part 1 | MuleSoft Mysore Meetup #27
 
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...
Handling NFRs for the API through API policies (Custom Policies) -Part 2 | Mu...
 
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...
Handling NFRs for the API through OoTB API policies Part-1 | MuleSoft Mysore ...
 
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...
Maven Archetypes - Learn about importance of Maven Archetypes in MuleSoft | M...
 

Recently uploaded

Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 

Securing the network communication using One-way SSL & Two-way SSL | MuleSoft Mysore Meetup #18

  • 1. 1
  • 2. December 08, 2022 Mysore MuleSoft Meetup Implementing one-way & two-way SSL
  • 3. 3
  • 4. Safe Harbour Statement ● Both the speaker and the host are organizing this meet-up in individual capacity only. We are not representing our companies here. ● This presentation is strictly for learning purposes only. ● Organizer/Presenter do not hold any responsibility that same solution will work for your business requirements. ● This presentation is not meant for any promotional activities. 4
  • 5. A recording of this meetup will be uploaded to events page within 24 hours. Questions can be submitted/asked at any time in the Chat/Questions & Answers Tab. Make it more Interactive!!! Give us feedback! Rate this meetup session by filling feedback form at the end of the day. We Love Feedbacks!!! Its Bread & Butter for Meetup. Housekeeping 5
  • 6. Introduction ● About the Organizers 6 Shubham Chaurasia Billennium India Pro Integration Developer A SHOW OF HANDS: Who is new to this Meetup? Giridhar Meka Sr. Technical Architect linkedin.com/in/giridharmeka linkedin.com/in/shubhamchaurasia1
  • 7.  3.6 years of working experience as MuleSoft Developer  Certified MuleSoft Developer and Integration Architect  Currently working for HashedIn By Deloitte as Senior Software Engineer 7 Shaik Irfan Ahamed Sr. Software Engineer Introduction ● About the Speaker
  • 8. Agenda ● Introductions o What is SSL/TLS ? o What is a Digital Certificate? o How to implement one-way SSL? o How to implement two-way SSL? ● Demo ● Trivia 8
  • 9. SSL/TLS : SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers HTTPS: Hypertext Transfer Protocol Secure (https) is a combination of HTTP with the SSL/ TLS protocol 9
  • 10.  Confidentiality – Provided by Encryption  Integrity – Provided by Hashing technique  Authentication – Provided by Certificates SSL/TLS Handshake 10 SSL/TLS has 3 Goals
  • 11. Confidentiality  Confidentiality can be achieved by Encryption  There are two types of encryption in widespread use today: symmetric and asymmetric encryption.  Symmetric encryption uses a single key to both encrypt and decrypt data  Asymmetric encryption uses a different keys (public-private keypair) to encrypt  Asymmetrical encryption is used to initialize the encrypted conversation between two users, while symmetrical encryption is used for the duration of the communication. 11
  • 13. Integrity…  Hashing is used to provide Integrity  Both parties establish a mutual secret key  Sender combines Message + Secret key to create Digest  Receiver verifies by calculating hash of Message + secret key 13
  • 14. Authentication  Prove your Identity  Digital Certificate is needed to prove the Identity  Digital Signature itself does not verify the actual identity of the sender 14 Alice Alice
  • 15. Digital Certificates Digital certificates are electronic credentials issued by a trusted third-party, it verifies the identity of the owner and the owner public key 15
  • 16. SSL Handshake Protocol  The user initiates the connection by typing the website address. The browser initiates SSL/TLS communication by sending a message to the website’s server.  The website's server sends back the public key or certificate to the user's browser.  User's browser checks for a public key or certificate. If it is ok, it creates a symmetric key and sends it back to the website's server. If the certificate is not ok, the communication fails.  On receiving the symmetric key, the website's server sent the key and encrypted the requested data.  The user's browser decrypts the content using a symmetric key, which completes the SSL/TLS handshake. The user can see content as now connection is established 16
  • 18. Keystore & Truststore  Keystore is used to store private key and identity certificates that a specific program should present to both parties (server or client) for verification.  Truststore is used to store certificates from Certified Authorities (CA) that verify the certificate presented by the server in SSL connection. 18
  • 19. One-Way SSL  Client requests for data on HTTPS protocol to the server. That going to initiates the SSL/TLS handshake process.  Server returns with its public certificate and public key to the client along with the server hello message  The client validates/verifies the received server certificates with CA’s certification authority  The client sends back with a symmetric session key using the server’s public key  The server decrypts the symmetric session key using its private key and sends back an encrypted session key to start the encrypted session 19
  • 21. Two-way SSL  Client requests for data on HTTPS protocol to the server.  Server returns with its public certificate and public key to the client along with the server hello message.  The client validates/verifies the received server certificates with CA’s certification authority  The client sends back a client certificate with a symmetric session key using the server’s public key.  The server validates/verifies the received client certificates with CA’s certification authority  After completion of the handshake process, client and server communicate and transfer data with each other encrypted with the secret keys shared between the two during a handshake 21
  • 23. Demo
  • 24. Q&A
  • 25. Take a stand ! ● Nominate yourself for the next meetup speaker and suggest a topic as well. 25
  • 26. ● Share: ○ Tweet using the hashtag #MuleSoftMeetups ○ Join Mysore Group: https://meetups.mulesoft.com/mysore/ ● Feedback: ○ Fill out the survey feedback and suggest topics for upcoming events ○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program ○ Reach out to Mysore Meetup Leaders (Shubham/Giridhar) to suggest topics for next Meetup What’s next? 26
  • 27. Get ready to WIN a MuleSoft Voucher from MuleSoft Quiz Time