WSO2 APIM based Mutual SSL

Lakmini Wathsala
18 min read, Jun 27, 2020

In this blog post I will outline what WSO2 API Manager offers around Mutual SSL. I have seen some confusion about how Mutual SSL works and how it should be configured, which is what prompted this write-up.

SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are the standard technology for setting up an authenticated, encrypted channel between a client and a server, so that the data exchanged stays confidential and cannot be tampered with undetected. What actually runs today is TLS (the handshake trace later in this post is TLS 1.2), but the name "SSL" has stuck and WSO2's documentation uses "Mutual SSL", so I use the two terms interchangeably here. Authentication over this channel can be configured one-way or two-way.

In one-way SSL only the client authenticates the server, so that it knows it is exchanging data with the intended server rather than an impostor. The server presents its public certificate during the handshake, and the client checks that the certificate chains to a CA in the client's trust store and that its name matches the host being contacted. The client itself stays anonymous at the TLS layer; this is the ordinary HTTPS case.

The handshake messages exchanged by client and server to establish the encrypted channel, before any application data is sent, are as follows.

  1. The client sends a ClientHello message proposing SSL/TLS options: protocol version, cipher suites and extensions (in the trace below: the SNI host name, supported curves and signature algorithms).
  2. The server responds with a ServerHello message selecting the options it will use.
  3. The server sends a Certificate message containing the server's certificate (and any intermediate certificates in its chain).
  4. With an ECDHE or DHE cipher suite, such as the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 chosen in the trace below, the server also sends a ServerKeyExchange message carrying its ephemeral public key, signed with the private key belonging to its certificate; that signature is what proves to the client that the server holds the key.
  5. The server concludes its part of the negotiation with a ServerHelloDone message.
  6. The client validates the server's certificate chain against its trust store and sends its half of the key exchange in a ClientKeyExchange message: its own ephemeral public key for (EC)DHE suites, or a premaster secret encrypted with the server's public key for plain RSA key exchange. Both sides then derive the master secret and the session keys from it.
  7. The client sends a ChangeCipherSpec message to activate the negotiated options for all future messages it sends.
  8. The client sends a Finished message so the server can check the newly activated options (it carries a MAC over the whole handshake so far).
  9. The server sends a ChangeCipherSpec message to activate the negotiated options for all future messages it sends.
  10. The server sends a Finished message so the client can check the newly activated options.

In two-way SSL (Mutual SSL) both client and server authenticate each other, so that each side knows the party it is talking to is trusted. Each party presents its public certificate and the peer validates it against its own trust store; in addition, each side proves that it holds the private key matching its certificate, the server by signing the key exchange and the client by signing the handshake in a CertificateVerify message. Having a copy of someone's public certificate is therefore not enough to impersonate them.

The handshake messages in this case are as follows.

  1. The client sends a ClientHello message proposing SSL/TLS options.
  2. The server responds with a ServerHello message selecting the options.
  3. The server sends a Certificate message containing the server's certificate.
  4. With an (EC)DHE cipher suite the server sends a ServerKeyExchange message with its signed ephemeral public key.
  5. The server requests the client's certificate with a CertificateRequest message, so that the connection can be mutually authenticated. The message lists the accepted certificate types, the signature algorithms and, importantly, the distinguished names of the CAs the server trusts (the "Cert Authorities" list in the trace below); most TLS libraries, JSSE included, will only offer a certificate whose issuer is on that list.
  6. The server concludes its part of the negotiation with a ServerHelloDone message.
  7. The client responds with a Certificate message containing the client's certificate (and its intermediate certificates, if any). A client that has no suitable certificate sends an empty Certificate message instead.
  8. The client sends its key exchange contribution in a ClientKeyExchange message (its ephemeral public key for (EC)DHE, or the encrypted premaster secret for RSA key exchange).
  9. The client sends a CertificateVerify message: a signature over all the handshake messages so far, made with the private key that matches the certificate it just sent. This is what proves ownership of the certificate; the server checks it with the public key in that certificate, which it has already validated against its trust store.
  10. The client sends a ChangeCipherSpec message to activate the negotiated options for all future messages it sends.
  11. The client sends a Finished message so the server can check the newly activated options.
  12. The server sends a ChangeCipherSpec message to activate the negotiated options for all future messages it sends.
  13. The server sends a Finished message so the client can check the newly activated options.

Example after enabling SSL debug logs on the API Manager node (on Ubuntu: nohup ./wso2server.sh -Djavax.net.debug=ssl:handshake &). The trace below is the server side of a mutual SSL handshake as seen by the gateway's HTTPS listener (the HTTPS-Listener I/O dispatcher thread), so "READ" lines are messages received from the client and "WRITE" lines are the server's own. A word of caution before copying this elsewhere: this debug option also prints the PreMaster Secret, Master Secret and the derived write keys and IVs (the SESSION KEYGEN and CONNECTION KEYGEN blocks below), which are enough to decrypt a capture of the session, so enable it only on a test system and never share such a log unredacted:

Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
HTTPS-Listener I/O dispatcher-1, READ: TLSv1 Handshake, length = 293
check handshake state: client_hello[1]
update handshake state: client_hello[1]
upcoming handshake states: server_hello[2]
*** ClientHello, TLSv1.2
RandomCookie: GMT: 897048464 bytes = { 235, 126, 51, 182, 147, 10, 153, 185, 133, 185, 71, 48, 92, 145, 40, 83, 217, 136, 83, 175, 97, 156, 20, 240, 166, 62, 36, 25 }
Session ID: {94, 175, 175, 7, 6, 68, 142, 45, 255, 87, 153, 236, 213, 125, 255, 64, 220, 160, 243, 135, 11, 17, 7, 107, 255, 149, 36, 87, 246, 32, 188, 183}
Cipher Suites: [TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_DH_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DH_RSA_WITH_AES_256_CBC_SHA256, TLS_DH_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DH_RSA_WITH_AES_256_CBC_SHA, TLS_DH_DSS_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DH_DSS_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_DH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DH_RSA_WITH_AES_128_CBC_SHA256, TLS_DH_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DH_RSA_WITH_AES_128_CBC_SHA, TLS_DH_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, 
TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension server_name, server_name: [type=host_name (0), value=192.168.8.101]
Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2]
Extension elliptic_curves, curve names: {secp256r1, secp521r1, unknown curve 28, unknown curve 27, secp384r1, unknown curve 26, secp256k1, sect571r1, sect571k1, sect409k1, sect409r1, sect283k1, sect283r1}
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA224withRSA, SHA224withDSA, SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA
Unsupported extension type_13172, data:
***
%% Initialized: [Session-12, SSL_NULL_WITH_NULL_NULL]
matching alias: wso2carbon
Standard ciphersuite chosen: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
%% Negotiating: [Session-12, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1571729637 bytes = { 137, 86, 54, 154, 76, 247, 158, 62, 85, 134, 2, 143, 74, 170, 21, 48, 192, 251, 222, 132, 242, 119, 199, 212, 160, 195, 111, 124 }
Session ID: {94, 175, 177, 229, 204, 238, 10, 148, 246, 247, 93, 116, 40, 13, 1, 75, 125, 147, 25, 45, 50, 121, 20, 216, 157, 167, 79, 61, 68, 42, 141, 24}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
update handshake state: server_hello[2]
upcoming handshake states: server certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 19049296766410219965113059550253073150157820443657864104004676207726193654461950115645745279320134751408624117470981180372194928225695953081013032599576993268550361790110613358270730467477076484222212606589554590173309384388977329346674298830195238331879794351264115399907472880236580933941802706762817712485341248880031821538970083369065737253391633147785048475653024194434652208057444151666400537584953268265192996642559133427898438556878384604452936792935532437313812326127264414343774887909483101263513387117201488508589569627005696586937864733503494525495180362440893689653813597370754173262818732992190707314633
public exponent: 65537
Validity: [From: Wed Jul 19 12:22:51 IST 2017,
To: Sat Jul 17 12:22:51 IST 2027]
Issuer: CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US
SerialNumber: [ 0282d0fd]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B5 2F 24 21 8C 50 F1 45 6F 56 B6 52 76 0C A2 75 ./$!.P.EoV.Rv..u
0010: EF 4E 1F 15 .N..
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 17 E4 E6 6A AC 55 4A E9 14 26 13 65 98 4E C5 34 ...j.UJ..&.e.N.4
0010: 51 A4 65 EA A1 6D 46 D3 96 CE C4 7C 6C E3 63 DA Q.e..mF.....l.c.
0020: C7 0F 2B 00 9D 3A 3E DC BD 8E A3 35 0A 04 4F A6 ..+..:>....5..O.
0030: AB D9 6B 69 4F 40 14 2A 66 B1 E4 74 31 34 EA AE ..kiO@.*f..t14..
0040: 0D 1B 40 EA 30 7F 0D 4F EB 4D 91 70 5E F5 84 EB ..@.0..O.M.p^...
0050: 7B 71 09 09 27 EC BE CC 2D 2D 50 D9 EC 60 EF 4C .q..'...--P..`.L
0060: 72 A8 8C 98 D0 BD D5 42 CD 18 FA 5C 7E 53 AE EC r......B...\.S..
0070: 1E 7D BE 01 27 3F 40 3E D9 E5 C8 92 2F 8C 79 35 ....'?@>..../.y5
0080: 85 DA 33 AB 23 A7 89 56 5D D1 03 B1 2C 06 DC 76 ..3.#..V]...,..v
0090: DF 78 E9 C8 4D 75 0B C2 9B A6 94 3A 9B AD A7 C5 .x..Mu.....:....
00A0: E8 82 BD 0A 06 71 32 DD 4F 1E B3 67 00 7C D6 5A .....q2.O..g...Z
00B0: 12 43 D4 F1 56 B9 6D 4E 97 8E 7C BC CC 64 27 5C .C..V.mN.....d'\
00C0: 25 F1 3C AA 7B B0 CA 60 3B DD E7 3C 1B 7F 96 25 %.<....`;..<...%
00D0: F5 A9 FC 97 33 BC 44 A2 D5 A8 C6 69 BA 1D 9C 7C ....3.D....i....
00E0: A1 64 3C 53 96 A2 5E 36 79 44 A0 D6 08 2A B8 66 .d<S..^6yD...*.f
00F0: E5 E5 EB 05 6C 53 3D 62 13 AD 6C B8 EE 72 5A 2F ....lS=b..l..rZ/
]
***
update handshake state: certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 44778816970088541569851315587661753613931545764553647511844644979829125842598
public y coord: 32161938990122657605849408761749283148837204309706737601271544141376707308080
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
update handshake state: server_key_exchange[12]
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Cert Authorities:
<CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=SecureTrust CA, O=SecureTrust Corporation, C=US>
<CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US>
<OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP>
<CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US>
<OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW>
<CN=AffirmTrust Commercial, O=AffirmTrust, C=US>
<CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL>
<CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US>
<CN=Sonera Class2 CA, O=Sonera, C=FI>
<CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
<CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US>
<OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
<CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3>
<CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
<OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
<CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA>
<CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
<CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=AffirmTrust Networking, O=AffirmTrust, C=US>
<CN=AffirmTrust Premium, O=AffirmTrust, C=US>
<CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=America Online Root Certification Authority 2, O=America Online Inc., C=US>
<CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU>
<CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US>
<CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU>
<CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH>
<CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US>
<CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US>
<CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
<CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE>
<CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=Class 2 Primary CA, O=Certplus, C=FR>
<CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
<CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5>
<CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net>
<CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US>
<CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=localhost, OU=apim, O=wso2, L=colombo, ST=western, C=sl>
<CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US>
<CN=Certum CA, O=Unizeto Sp. z o.o., C=PL>
<CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO>
<CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH>
<CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US>
<CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERT RUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM>
<CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US>
<CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
<CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM>
<CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US>
<CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch>
<CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM>
<CN=Class 3P Primary CA, O=Certplus, C=FR>
<CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO>
<OU=Security Communication EV RootCA1, O=”SECOM Trust Systems CO.,LTD.”, C=JP>
<CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US>
<CN=Swisscom Root EV CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch>
<CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4>
<CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU>
<CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US>
<EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US>
<CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US>
<CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE>
<CN=Sonera Class1 CA, O=Sonera, C=FI>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR>
<CN=localhost, O=WSO2, L=Mountain View, ST=CA, C=US>
update handshake state: unknown[13]
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ServerHelloDone
update handshake state: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
HTTPS-Listener I/O dispatcher-1, WRITE: TLSv1.2 Handshake, length = 13114
HTTPS-Listener I/O dispatcher-1, READ: TLSv1.2 Handshake, length = 883
check handshake state: certificate[11]
update handshake state: certificate[11]
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=localhost, OU=apim, O=wso2, L=colombo, ST=western, C=sl
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 17740675243138577469162108521335593582979234625380118363754447028698871041088533420674779367993173908664420345123289390790384960944847831968551569499580921105972130370978196868516422101326891945532802593129704811290380726687881510969585737724521570635054466348545446285890360145019956090325041975417221301388736091509416402258150188620042077655676129838344602616989891934292900427255679659266346671095520625366541625611235997691079417331883724755972635862950424610425303662669267656728836350318254069028075849178433183978316578512607425343472455891337155502613377630457105236056673285746858693921584817229473188105443
public exponent: 65537
Validity: [From: Mon May 04 11:20:41 IST 2020,
To: Thu Apr 29 11:20:41 IST 2021]
Issuer: CN=localhost, OU=apim, O=wso2, L=colombo, ST=western, C=sl
SerialNumber: [ 7e699fe3]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 53 49 DC 1E 16 43 F7 3B F0 DE B0 5C 30 CD C1 60 SI...C.;...\0..`
0010: E9 F9 30 04 ..0.
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 76 B4 F3 61 C2 83 98 57 46 73 7B CC D4 0F 5F BF v..a...WFs...._.
0010: 24 F5 99 A2 5B CC D8 A8 46 A4 50 0C 36 53 0A EC $...[...F.P.6S..
0020: 4B A4 46 10 AA 3D C1 72 A6 5C E9 A0 B2 E1 8D 7F K.F..=.r.\......
0030: 1F 11 55 FA 06 18 88 47 67 73 44 BC 25 C6 26 3A ..U....GgsD.%.&:
0040: E6 B3 4A 92 0D E2 F9 C7 B1 51 2E 60 D2 E8 A6 D1 ..J......Q.`....
0050: 7C 0F FC D4 32 2F E1 03 36 98 C1 5B 3C D7 58 17 ....2/..6..[<.X.
0060: 5C 44 E5 5D 14 F5 4A 4D 43 90 48 D9 7E 90 24 8F \D.]..JMC.H...$.
0070: A1 19 F7 CC 88 F6 73 B1 7F 1B A6 43 17 7B ED 8F ......s....C....
0080: F6 27 C5 CF CD 92 02 19 E5 3C 74 C6 A7 77 68 7A .'.......<t..whz
0090: 00 C8 B5 D9 04 56 23 44 DD 72 6A CB B3 FE B8 04 .....V#D.rj.....
00A0: C3 01 CD DE 17 79 D7 04 29 0D 49 2C 49 C4 25 29 .....y..).I,I.%)
00B0: 60 8E A7 ED 38 56 5D 72 91 0E 7A 20 8E BE DF CE `...8V]r..z ....
00C0: 26 33 16 5F D9 6D 0A ED 55 11 D6 0C 4F 19 96 24 &3._.m..U...O..$
00D0: 9D 83 9F 1D 06 8A C9 10 85 A2 EC B6 FB D4 27 66 ..............'f
00E0: 28 64 60 56 9C CD 52 F8 3E 6F 9E 69 0B 95 B3 DD (d`V..R.>o.i....
00F0: 8E 51 5B 41 E8 C9 10 CB F6 7D BC 98 31 0B 2D 79 .Q[A........1.-y
]
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=localhost, OU=apim, O=wso2, L=colombo, ST=western, C=sl
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 17740675243138577469162108521335593582979234625380118363754447028698871041088533420674779367993173908664420345123289390790384960944847831968551569499580921105972130370978196868516422101326891945532802593129704811290380726687881510969585737724521570635054466348545446285890360145019956090325041975417221301388736091509416402258150188620042077655676129838344602616989891934292900427255679659266346671095520625366541625611235997691079417331883724755972635862950424610425303662669267656728836350318254069028075849178433183978316578512607425343472455891337155502613377630457105236056673285746858693921584817229473188105443
public exponent: 65537
Validity: [From: Mon May 04 11:20:41 IST 2020,
To: Thu Apr 29 11:20:41 IST 2021]
Issuer: CN=localhost, OU=apim, O=wso2, L=colombo, ST=western, C=sl
SerialNumber: [ 7e699fe3]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 53 49 DC 1E 16 43 F7 3B F0 DE B0 5C 30 CD C1 60 SI...C.;...\0..`
0010: E9 F9 30 04 ..0.
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 76 B4 F3 61 C2 83 98 57 46 73 7B CC D4 0F 5F BF v..a...WFs...._.
0010: 24 F5 99 A2 5B CC D8 A8 46 A4 50 0C 36 53 0A EC $...[...F.P.6S..
0020: 4B A4 46 10 AA 3D C1 72 A6 5C E9 A0 B2 E1 8D 7F K.F..=.r.\......
0030: 1F 11 55 FA 06 18 88 47 67 73 44 BC 25 C6 26 3A ..U....GgsD.%.&:
0040: E6 B3 4A 92 0D E2 F9 C7 B1 51 2E 60 D2 E8 A6 D1 ..J......Q.`....
0050: 7C 0F FC D4 32 2F E1 03 36 98 C1 5B 3C D7 58 17 ....2/..6..[<.X.
0060: 5C 44 E5 5D 14 F5 4A 4D 43 90 48 D9 7E 90 24 8F \D.]..JMC.H...$.
0070: A1 19 F7 CC 88 F6 73 B1 7F 1B A6 43 17 7B ED 8F ......s....C....
0080: F6 27 C5 CF CD 92 02 19 E5 3C 74 C6 A7 77 68 7A .'.......<t..whz
0090: 00 C8 B5 D9 04 56 23 44 DD 72 6A CB B3 FE B8 04 .....V#D.rj.....
00A0: C3 01 CD DE 17 79 D7 04 29 0D 49 2C 49 C4 25 29 .....y..).I,I.%)
00B0: 60 8E A7 ED 38 56 5D 72 91 0E 7A 20 8E BE DF CE `...8V]r..z ....
00C0: 26 33 16 5F D9 6D 0A ED 55 11 D6 0C 4F 19 96 24 &3._.m..U...O..$
00D0: 9D 83 9F 1D 06 8A C9 10 85 A2 EC B6 FB D4 27 66 ..............'f
00E0: 28 64 60 56 9C CD 52 F8 3E 6F 9E 69 0B 95 B3 DD (d`V..R.>o.i....
00F0: 8E 51 5B 41 E8 C9 10 CB F6 7D BC 98 31 0B 2D 79 .Q[A........1.-y
]
HTTPS-Listener I/O dispatcher-1, READ: TLSv1.2 Handshake, length = 70
check handshake state: client_key_exchange[16]
update handshake state: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDHClientKeyExchange
ECDH Public value: { 4, 176, 123, 166, 185, 252, 181, 206, 79, 175, 64, 185, 75, 175, 29, 203, 218, 47, 49, 68, 234, 145, 247, 184, 23, 10, 224, 227, 100, 167, 158, 88, 184, 140, 128, 58, 249, 224, 138, 81, 175, 188, 201, 110, 216, 235, 251, 241, 234, 155, 193, 22, 57, 168, 229, 48, 0, 246, 52, 46, 225, 147, 202, 236, 244 }
SESSION KEYGEN:
PreMaster Secret:
0000: EE B9 50 0D 18 58 55 BA B0 B9 6D 4A 97 56 4B E6 ..P..XU...mJ.VK.
0010: 0B DC B5 C0 5F 19 48 80 F1 5C 08 FB FC 7C 96 2B ...._.H..\.....+
CONNECTION KEYGEN:
Client Nonce:
0000: 35 78 E0 90 EB 7E 33 B6 93 0A 99 B9 85 B9 47 30 5x....3.......G0
0010: 5C 91 28 53 D9 88 53 AF 61 9C 14 F0 A6 3E 24 19 \.(S..S.a....>$.
Server Nonce:
0000: 5E AF B1 E5 89 56 36 9A 4C F7 9E 3E 55 86 02 8F ^....V6.L..>U...
0010: 4A AA 15 30 C0 FB DE 84 F2 77 C7 D4 A0 C3 6F 7C J..0.....w....o.
Master Secret:
0000: 9D 7F F0 AA 76 F0 80 94 19 F9 A5 0A DC 07 7C 40 ....v..........@
0010: 57 AA 8E E6 EA A3 B0 74 92 74 E8 25 5D 4D 4B CC W......t.t.%]MK.
0020: 7B C9 75 38 C6 F4 89 2D 5F A4 57 57 1E D7 BA F3 ..u8...-_.WW....
… no MAC keys used for this cipher
Client write key:
0000: 7B 26 AE 06 26 2F 0A 69 18 5C EA 14 77 C4 F6 41 .&..&/.i.\..w..A
Server write key:
0000: B3 D8 66 8E D6 A0 F2 17 E3 2A D8 4C 42 93 94 68 ..f......*.LB..h
Client write IV:
0000: E8 AD 2C 29 ..,)
Server write IV:
0000: D9 CE 2F E9 ../.
HTTPS-Listener I/O dispatcher-1, READ: TLSv1.2 Handshake, length = 264
check handshake state: certificate_verify[15]
update handshake state: certificate_verify[15]
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** CertificateVerify
Signature Algorithm SHA512withRSA
HTTPS-Listener I/O dispatcher-1, READ: TLSv1.2 Change Cipher Spec, length = 1
update handshake state: change_cipher_spec
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
HTTPS-Listener I/O dispatcher-1, READ: TLSv1.2 Handshake, length = 40
check handshake state: finished[20]
update handshake state: finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** Finished
verify_data: { 37, 119, 67, 220, 126, 19, 11, 106, 16, 67, 206, 43 }
***
update handshake state: change_cipher_spec
upcoming handshake states: server finished[20]
HTTPS-Listener I/O dispatcher-1, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 97, 235, 186, 95, 172, 137, 45, 139, 220, 41, 70, 213 }
***
update handshake state: finished[20]
HTTPS-Listener I/O dispatcher-1, WRITE: TLSv1.2 Handshake, length = 40

Coming back to the topic, Mutual SSL can be applied on two legs of an API call in WSO2 APIM.

  1. Inbound authentication (between the client and the APIM gateway)
  2. Outbound authentication (between the APIM gateway and the backend)

To enable Mutual SSL for inbound authentication there are a few configurations to be done, which are clearly described in the documentation [1], [2]. For the APIM 2.6.0 release this feature is shipped via WUM from 22nd October 2018 onwards. Keep in mind that there are two layers involved: the gateway's HTTPS listener must be configured to request and verify the client certificate at the transport level, and the API itself must be secured with Mutual SSL so that the gateway matches the certificate it received against the certificates uploaded for that API.

Note: If the client certificate has a chain on the client side (that is, it was issued through one or more intermediate CAs), every certificate in that chain needs to be uploaded on the APIM side via the API Publisher portal, so that the gateway can validate the complete chain.

When invoking a Mutual SSL secured API, the client application needs both its public certificate and the matching private key. For example, the cURL command below invokes the API (context: test, version: 1.0, resource: foo):

curl -k --cert mynewcert.crt --key private_key.pem -X GET "https://<host>:8243/test/1.0/foo"

The -k flag only turns off cURL's verification of the gateway's certificate; it has nothing to do with the client certificate. It is handy in a lab where the gateway still uses the default self-signed wso2carbon certificate, but in any real deployment replace it with --cacert <ca-bundle> so that the client verifies the gateway as well; otherwise only one direction of the "mutual" authentication is actually enforced.

In Postman, the Certificates section of the settings can be used to attach the public certificate and private key for the gateway host.

Note: If the Mutual SSL secured API is invoked without a valid client certificate, or with a certificate that is not among those uploaded on the APIM side, the error below is returned.

{
"fault": {
"code": 900911,
"message": "The mutual SSL authentication has failed due to invalid/missing client certificate",
"description": "The mutual SSL authentication has failed due to invalid/missing client certificate"
}
}

For outbound authentication there are also a few configurations to be done, which are clearly described in the documentation [3], [4]. To invoke a Mutual SSL protected backend, make sure of the following two points.

  • Import the public certificate of the API Manager into the trust store of the backend server, so that the backend accepts it as a client certificate. The gateway presents the certificate of the key alias in its keystore; by default that is the wso2carbon alias, which is what the "matching alias: wso2carbon" line in the trace above refers to.
  • Import the public certificate of the backend server (or of the CA that issued it) into the trust store of the API Manager (client-truststore.jks by default), so that the gateway trusts the backend.

Note: The trace below can be observed in the SSL debug logs on the API Manager side when the CA list in the backend's CertificateRequest does not include the issuer of the API Manager's certificate (typically because the gateway certificate was never imported into the backend's trust store). The Java client then finds no key entry it considers suitable, sends an empty Certificate message, and the backend rejects the handshake.

*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
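To see the behaviour from the two-way handshake section, the inbound error above and this outbound note together in one runnable place, here is an added Go example. It is not code from this post or from WSO2 and it does not talk to an API Manager; all names in it (the CAs, "gateway", "api-client", "stranger") are assumptions made for the demo. It builds a throw-away PKI in memory, then runs a TLS 1.2 handshake over loopback with a server configured the way the gateway's HTTPS listener is: it sends a CertificateRequest whose "Cert Authorities" list contains the trusted CA and insists on a chain-validated client certificate. Three scenarios are run: a client certificate issued by the trusted CA (the handshake succeeds and the server reads the client's CN from the validated certificate), no client certificate at all (the server aborts the handshake, which is what surfaces as the 900911 fault at the API layer), and a client certificate issued by a CA that is not on the server's list, where the Go client, like the Java client in the trace above, finds no suitable certificate, sends an empty Certificate message and is rejected for the same reason.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// issue builds one certificate of a throw-away test PKI (constructed for this demo,
// not WSO2's keystore): a P-256 key and a certificate for cn, self-signed when parent is nil.
func issue(cn string, isCA bool, parent *tls.Certificate) tls.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
		IPAddresses:           []net.IP{net.IPv4(127, 0, 0, 1)}, // SAN for the loopback address we dial
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	issuer, signer := tmpl, key // self-signed unless a parent CA is given
	if parent != nil {
		issuer, signer = parent.Leaf, parent.PrivateKey.(*ecdsa.PrivateKey)
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, &key.PublicKey, signer)
	must(err)
	leaf, err := x509.ParseCertificate(der)
	must(err)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// MutualHandshake runs one TLS 1.2 handshake over loopback. The server plays the gateway: it
// sends CertificateRequest naming ca and rejects any client whose certificate does not chain to
// it (client == nil is a client with no certificate). Returns the CN the server authenticated.
func MutualHandshake(ca, server tls.Certificate, client *tls.Certificate) (string, error) {
	pool := x509.NewCertPool() // the trust store; both sides use the same one in this demo
	pool.AddCert(ca.Leaf)
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{server},
		ClientAuth:   tls.RequireAndVerifyClientCert, // emit CertificateRequest and insist on an answer
		ClientCAs:    pool,                           // becomes the "Cert Authorities" list of that message
		MinVersion:   tls.VersionTLS12,
		MaxVersion:   tls.VersionTLS12, // TLS 1.2, so the rejection happens inside the handshake itself
	})
	must(err)
	defer ln.Close()
	var cn string
	done := make(chan error, 1)
	go func() {
		conn, err := ln.Accept()
		if err != nil {
			done <- err
			return
		}
		defer conn.Close()
		tc := conn.(*tls.Conn)
		if err = tc.Handshake(); err == nil { // PeerCertificates[0] is the chain-validated client leaf
			cn = tc.ConnectionState().PeerCertificates[0].Subject.CommonName
		}
		done <- err
	}()
	cliCfg := &tls.Config{RootCAs: pool} // no "-k" equivalent: the client verifies the server too
	if client != nil {
		cliCfg.Certificates = []tls.Certificate{*client}
	}
	if conn, err := tls.Dial("tcp", ln.Addr().String(), cliCfg); err == nil {
		conn.Close()
	}
	err = <-done
	return cn, err
}

func main() {
	ca, other := issue("Trusted Root CA", true, nil), issue("Unknown CA", true, nil)
	server, good, stranger := issue("gateway", false, &ca), issue("api-client", false, &ca), issue("stranger", false, &other)
	for name, cert := range map[string]*tls.Certificate{"valid cert": &good, "no cert": nil, "unknown CA": &stranger} {
		cn, err := MutualHandshake(ca, server, cert)
		fmt.Printf("%-12s cn=%q err=%v\n", name, cn, err)
	}
}
```

Run it with go run; it prints one line per scenario, with the server-side error for the two failures. The client library picks the certificate to present by matching its issuer against the CA list in the CertificateRequest, exactly as JSSE does, which is why the trust-store imports in both directions matter: if the CA that issued the gateway certificate is missing from the backend's trust store, the gateway has nothing suitable to offer and the backend sees no certificate at all rather than a wrong one.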

Hope you find this blog post useful!

References

[1] https://docs.wso2.com/display/AM260/Securing+APIs+with+Mutual+SSL

[2] https://apim.docs.wso2.com/en/latest/learn/api-security/api-authentication/secure-apis-using-mutual-ssl/

[3] https://docs.wso2.com/display/AM260/Mutual+SSL+between+API+Gateway+and+Backend

[4] https://apim.docs.wso2.com/en/latest/learn/api-gateway/mutual-ssl-between-api-gateway-and-backend/#mutual-ssl-between-api-gateway-and-backend
