We currently have mule ESB running on out network. Not in the DMZ.
I'm looking for information on how to configure an Apache Http server running in the DMZ to act as a proxy for a web service running on the ESB.
Thanks
The HTTP transport of Mule doesn't have any specific requirement in term of headers, so basically there's no particular recommendation for proxying HTTP requests in front of Mule.
So in the case of Apache, use mod_proxy to configure a reverse proxy in front of Mule and you should be good.
Related
I have a custom coded relay server application in VB.NET that is currently deployed as a windows service.
It accepts HTTP web requests from a client using a Tcp Listener, parses the requests and forwards it to another remotely hosted service via socket communication. The result from the service is then sent back by my relay server to the original client as a http response.
This functionality works perfectly as of now, but I would now like to upgrade my relay server to accept HTTPS requests instead of http.
I am not sure how to move ahead with this scenario.
I researched and found the following 2 options but I am not sure which is better and feasible?
One, I explicitly upgrade my current code to handle https handshake, certificate validation etc (if so, how?) or second option, can my current application be hosted on IIS to handle this scenario (if so, how)?
Thanks in advance.
A possible solution is to use IIS with Application Request Routing (ARR) as a reverse proxy in front of your service (its not possible to "Host" your service in IIS as such).
You could setup IIS/ARR with a certificate and suitable HTTPS binding, then configure ARR to proxy the HTTPS requests onto your service listening on HTTP. No changes required to your service's code.
Take a look at the following example: https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing
In your case your service listening on port 80 is no different to a website running in IIS. The above example is more complicated than you need (as its reverse proxy'ing 2 websites based on a prefix of the URL), but it gives you a starting point.
A further possible step to force all traffic to use HTTPS would be to change the port your service uses (eg to 8080 instead of 80), then setup IIS to handle port 80 to perform a redirect to 443, and then use 443 and ARR to proxy your traffic to your service on 8080.2
I have set up an HTTPS endpoint for my mulesoft flow which is working great in local.
https://'localhost':8081/customerquote
Once I deploy it on CloudHub I am not able to contact the url using https, the URL looks like
https://myappname.cloudhub.io/customerquote it is responding only in HTTP reporting an SSL handshake error of course.
Already tried to switch the endpoint port to 443 or 8443 without any results.
Any Idea ?
You need to use properties placeholders when you're deploying to CloudHub:
http://www.mulesoft.org/documentation/display/current/Developing+a+CloudHub+Application
If your application requires an externally accessible HTTP or HTTPS
port to receive messages, trigger events, or expose a web service or
user interface, you must declare the port using the reserved property
${http.port} or ${https.port}. On CloudHub, port ${http.port} or
${https.port} is assigned automatically by the platform services.
Traffic on port 80 to your application domain URL will be routed to
this port.
An HTTPS listener requires a TLS configuration.
Please refer this link
https://developer.mulesoft.com/docs/display/current/Building+an+HTTPS+Service
I did copy the exactly example reported here and it worked
http://www.mulesoft.org/documentation/display/current/Building+an+HTTPS+Service
We have a solution that consists of a WCF webservice on one side and a smart client on the other side.
Typically, we set up HTTPS on the webserver for the webservice so that communication between client and server happens over HTTPS.
One of our customers however has a proxy server in between that strips incoming HTTPS request from their SSL payload and forwards a plain HTTP request to the webserver:
Client > HTTPS > Proxy > HTTP > Webserver
The problem is that we are using WsHttpBinding to allow us to communicate with WCF over SSL. Typically we use that binding both on client and server and there's no issue.
But since the webservice actually receives an HTTP request, we cannot use WsHttpBinding (requires HTTPS). But we MUST use HTTPS from the client.
But of course, WCF requires the bindings between client and server to match. So we're a bit stuck and I can't find a good way to solve this issue:
We cannot set the client up to use HTTP for security reasons
We can set the service to accept HTTP requests, BUT the client won't be able to communicate with it.
Is there a certain setup that could cover this requirement?
use the wcf binding converter to get a custom binding from your wshttpbinding. then change in the custom binding from https to http element.
I have deployed Mule as a web-application. I use Mule to access my webservices over HTTPS. For which I have HTTPS implemented on Mule, which works fine.
Now, I want to integrate another Web-Application instead of a webservice and want to use the same HTTPS implemented on Mule instead of implementing SSL again on my Weblogic server. But when I try the URL gets redirected to my outbound HTTP URL though my inbound endpoint is HTTPS.
Can we create the proxy service using Apache CXF engine in wso2ESB?
no. ESB proxy service is always an AxisService. Most of the ESB/Synapse transports are also axis2 dependant.