Difficulty in understanding how certificate is used in SSL communication

Question

There is a wsdl which I wanted to access, the point here is I cannot access this WSDL as it is giving SSL Error. I wanted to know what all is needed here?

What I have done from my side :

Lets say Server A wants to access a WSDL which is implemented in Server B, now there has to be exchange of certificates between these two servers right? What all exchanges it should happen?

I have created a certificate request using "Create certificate Request" from IIS and shared this certificate request with Server B, from Server B We have got a p7b file. Now what exactly we have to do from here? Is the approach what we followed correct or we are deviating from the actual problem?

From browser. I think we have to import certificate to the browser but the point here is what certificate I have to import to the browser? — HookUp, Feb 25 '14 at 06:49
Try importing the certificate into browser (http://supportline.microfocus.com/Documentation/books/reUZE_Server_60/cjtcer.htm) — Santosh, Feb 25 '14 at 06:58
Here is my actual question. What is the certificate that you are talking about? Can you be as much specific as you can about it? — HookUp, Feb 25 '14 at 08:51

score 1 · Accepted Answer · answered Mar 01 '14 at 09:53

I got the clarification finally. Thanks for the support whatever you have given.

As conveyed above here was the problem,

Server A wants to access WSDL from Server B, and We are created a "Certificate request File" (P10b) file and shared with Server B, Now they have provided us with (P7b) file. Here was my doubt as to how to proceed.

Explanation :

P10b : "Certificate request" created by Server A in this case. This is a certificate request which means "This is my domain and I wanted to open a request for secured access" . Now this is what we share with Server B (Where wsdl is being implemented). Now since we want to access something from Server B over secured layer, Server B has to sign this request (signing here means approving any request which comes from Server A since this request holds the server name from where it is originating), Now this signing will be done by Server B which is when the certificate will be transformed from p10b to p7b which is what Server B will do and it will send this information to Server A.

Now at Server A we have this certificate called p7b, Server A will now have to convert this P7b to p12b which is the final version of the certificate. This conversion is a kind of decrypting technique which will be done by only the private key of Server A (which means only Server A can decrypt this) Once Server A converts this p7b to p12b which is the final version of certificate, now the server A can have access to the secured resources of Server B by using this certificate. If Server A want's to access WSDL from browser then the browser should have this certificate imported which can be done from the settings on the browser. If the wsdl has to be accessed from a soap UI then this can be done by SSL settings on SOAP UI.

I hope I have made clear. Please let me know if it's not clear anywhere.

score 0 · Answer 2 · edited May 23 '17 at 11:54

I had faced the same issue with my remote spring service when I had converted it from normal http to https.All you need to do is generated certificate for requested application your application and register it with trust store of ServerB from where you want to access application. You can check following links to achieve that

Digital Certificate: How to import .cer file in to .truststore file using? How to import a jks certificate in java trust store http://singztechmusings.wordpress.com/2011/05/08/https-communication-how-it-works/

Hope this will give you very good insight.

Difficulty in understanding how certificate is used in SSL communication

2 Answers2