Newer Version Available
Using Certificates with SOAP Services
After you have generated a certificate in Salesforce, you can use it to support two-way authentication for a callout to a SOAP Web service.
To integrate the certificate with your Apex:
- Receive the WSDL for the Web service from the third party or generate it from the application you want to connect to.
- Generate Apex classes from the WSDL for the Web service. See SOAP Services: Defining a Class from a WSDL Document.
- The generated Apex classes include a stub for calling the third-party Web service represented by the WSDL document. Edit the Apex classes, and assign a value to a clientCertName_x variable on an instance of the stub class. The value must match the Unique Name of the certificate you generated under Setup, in .
The following example illustrates the last step of the previous procedure and works with the sample WSDL file in Generated WSDL2Apex Code. This example assumes that you previously generated a certificate with a Unique Name of DocSampleCert.
1docSample.DocSamplePort stub = new docSample.DocSamplePort();
2stub.clientCertName_x = 'DocSampleCert';
3String input = 'This is the input string';
4String output = stub.EchoString(input);There is a legacy process for using a certificate obtained from a third party for your organization. Encode your client certificate key in base64, and assign it to the clientCert_x variable on the stub. This is inherently less secure than using a Salesforce certificate because it does not follow security best practices for protecting private keys. When you use a Salesforce certificate, the private key is not shared outside Salesforce.
The following example illustrates the legacy process and works with the sample WSDL file in Generated WSDL2Apex Code.
1docSample.DocSamplePort stub = new docSample.DocSamplePort();
2stub.clientCert_x =
3'MIIGlgIBAzCCBlAGCSqGSIb3DQEHAaCCBkEEggY9MIIGOTCCAe4GCSqGSIb3DQEHAaCCAd8EggHb'+
4'MIIB1zCCAdMGCyqGSIb3DQEMCgECoIIBgjCCAX4wKAYKKoZIhvcNAQwBAzAaBBSaUMlXnxjzpfdu'+
5'6YFwZgJFMklDWFyvCnQeuZpN2E+Rb4rf9MkJ6FsmPDA9MCEwCQYFKw4DAhoFAAQU4ZKBfaXcN45w'+
6'9hYm215CcA4n4d0EFJL8jr68wwKwFsVckbjyBz/zYHO6AgIEAA==';
7
8// Password for the keystore
9stub.clientCertPasswd_x = 'passwd';
10
11String input = 'This is the input string';
12String output = stub.EchoString(input);