To improve the performance and reduce the complexity of the HTTP connection pooling, we have developed Http2Client which is HTTP/2 enabled for the client to service and the service to service communication. We also support one-way SSL by default for all communication channel and two-way SSL optional with the configuration in the server.yml file.
In most service to service interactions, we are using self-signed certificates which are managed by server.keystore and client.truststore. For more details on how to use these keystore files in the config folder, please refer to keystore vs. truststore. Please beware that you also need a client.keystore and a server.truststore if two-way SSL is used.
When communicating with public websites or API servers, it would be great to get the certificate from the owner. If we cannot, the following is a Public HTTPS tutorial to download the certificate from a public website.