Client Tutorial

To improve the performance and reduce the complexity of the HTTP connection pooling, we have developed Http2Client which is HTTP/2 enabled for the client to service and the service to service communication. We also support one-way SSL by default for all communication channel and two-way SSL optional with the configuration in the server.yml file.

In most service to service interactions, we are using self-signed certificates which are managed by server.keystore and client.truststore. For more details on how to use these keystore files in the config folder, please refer to keystore vs. truststore. Please beware that you also need a client.keystore and a server.truststore if two-way SSL is used.

When communicating with public websites or API servers, it would be great to get the certificate from the owner. If we cannot, the following is a Public HTTPS tutorial to download the certificate from a public website.

Client Dependencies

If you are using the Http2Client for the service to service communication, you need to include all client related modules into your pox.xml file. You can find these modules from light-consumer-4j which is a convenient fat client that packages all consumer side modules together. If you are working with an original client, you’d better use the light-consumer-4j instead of including all modules individually. light-consumer-4j also implement retry and circuit breaker to further guarantee the connectivity to the APIs/services. Read More »

Setting Client Configuration

Configuring the client module to customize integration criteria. Read More »

Client Module Code

Java API for interacting with the client module within your codebase. Read More »

Public HTTPS

When using our Http2Client to communication with public API with CA-signed certificates, we have to find a way to download the certificate from the site and put it into our client.truststore file in order to establish TLS connection to the site if you cannot get the certificate from the right channel. There are multiple options to do that, and the simple one is from the browser; however, the certificate downloaded from the browser might not be completed as we need the entire chain to verify the certificate during the handshake. Read More »

Jwt Token

Read More »

Consul Discovery

We have an issue opened by one of our users who is using Weblogic 12c in Java 8 to call microservices built top of the light-rest-4j framework in OpenShift cluster. The services are deployed with host networking, and IPs and port numbers are registered to the Consul cluster running outside of the OpenShift cluster. It is a typical deployment, and we have a lot of similar configurations with other users. The issue they were facing is that the first time lookup takes up to 10 minutes sometimes. Read More »