Rupayan Paul (Rupayan Paul)

Rupayan Paul Member since 2013 1 post
Posted: December 4, 2017
Last activity: December 8, 2017
Posted: 4 Dec 2017 14:15 EST
Last activity: 8 Dec 2017 17:42 EST

Best approaches to embed Security on a exposed soap service

Hi PDN Users,

We have this below requirement for one of our project and we want to implement a security for all our exposed soap service. Our preferred option is to implement the same using two way SSL but we are ready to accept other possible options as well. Please suggest.

Requirement Details: We want to create a two way SSL authentication for all our existing/new PEGA exposed services.

Available Information: Certificates are available for both server and client sides

Bottlenecks: Below are the lack of information those actually lingering us to implement this architecture:

  • Where we have to keep our key store and trust store for PEGA server end and also for client/consumers
  • What configuration change (inside PEGA) , we need to do in service package and service soap rule to achieve this
  • In service package , we have an option to select TLS/SSL (For Rest Only). Is there any way we can use this for soap services as well?
Data Integration Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.