0

I have a requirement to consume a Restful API in Spring Java Application. Provider is expecting us to have SSL and Message Signing both. After researching a bit on Google, I understood the SSL authentication part, however, I did not get any pointers on how to start with Message Signing part in Restful?

In Message Signing, we have to first sign the request using our private key, Provider will unsign the same at their end using our public key.

Thanks.

user3310534
  • 19
  • 1
  • 4

1 Answers1

0

SSL and message signing is handled by your operation system and virtual maschine. if the provider has a public certificate, you can consume the API with RestTemplate and the correct url https://... otherwise you have to install the providers certificate on your maschine

How to import a .cer certificate into a java keystore?

Matthias
  • 1,378
  • 10
  • 23
  • Yes Thats right, but I want to know how do we sign the rest request before sending it to Provider with clients public key? And this needs to happen once SSL validation is done. – user3310534 Jul 27 '17 at 08:13
  • I have no idea, why your client should sign the request twice? The WebClient implemantion used by RestTemplate will sign/verify/decrypt/encrypt all requests/response automaticly if you are using the correct protocol "https". If your provider do not provide an standard http over ssl (https) rest endpoint, please redescribe your requirements. – Matthias Jul 27 '17 at 12:14