Using the StockQuoteclient/server samples, I have setup Synapse for 2-way SSL (Client cert) between the client and Synapse, and also between Synapse and the backend web service. I've setup the truststores so that only trusted web clients can connect with Synapse, and only Synapse can connect with the backend web services.
I am relatively new to SOA/web services, and I wanted to know if from the experts if this seems like a viable approach. I do understand the tradeoffs between transport & message level security. Also, I have an existing PKI available, so no worries with certificate management. Is there anything else I need to consider with this design??? E.g. performance? -- View this message in context: http://www.nabble.com/Synapse-2-way-SSL-w--Client-Certificates-tp23968440p23968440.html Sent from the Synapse - Dev mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
