Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Mutual SSL in AEM

Shallu_Rohilla
Level 4
Level 4

In our current architecture we have our AEM author on JBoss server. The primary reason to do that was because AEM didn't provide capability for establishing Mutual SSL. Would want to know if in newer versions of AEM 6.3 or 6.5, can we establish Mutual SSL. If yes, can you please point to some documentation. This is required as we have to connect to services outside AEM. 

1 Accepted Solution
aemmarc
Correct answer by
Employee
Employee

Personally -- I'd avoid Mutual SSL if possible.

 

We have encountered very difficult-to-diagnose-and-troubleshoot edge cases where Java will incorrectly select the wrong certificate.

 

Yet unresolved Java bug : JDK-8199440

https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8199440

 

View solution in original post

5 Replies
Shallu_Rohilla
Level 4
Level 4
Hi, I am not looking for configuraing replication, this I have got. I am looking for Mutual SSL(MSSL) for consuming rest endpoints of other services.
aemmarc
Correct answer by
Employee
Employee

Personally -- I'd avoid Mutual SSL if possible.

 

We have encountered very difficult-to-diagnose-and-troubleshoot edge cases where Java will incorrectly select the wrong certificate.

 

Yet unresolved Java bug : JDK-8199440

https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8199440

 

View solution in original post

Shallu_Rohilla
Level 4
Level 4
But this bug talks about JDK bug specifically do you have any use case for Mutual SSL.
aemmarc
Employee
Employee
what I'm saying is -- Adobe Customer Care has seen incidents with organizations who use Mutual SSL (always seems to be banks) where they encounter odd edge case scenarios where the Java JVM selects the wrong alias during handshake and this is leads to failed SSL connections.