To improve the performance and reduce the complexity of the HTTP connection pooling, we have developed Http2Client which is HTTP/2 enabled for the client to service and the service to service communication. We also support one-way SSL by default for all communication channel and two-way SSL optional with the configuration in the server.yml file.
In most service to service interactions, we are using self-signed certificates which are managed by server.keystore and client.truststore. For more details on how to use these keystore files in the config folder, please refer to [keystore vs. truststore]. Please beware that you also need a client.keystore and a server.truststore if two-way SSL is used.
When communicating with public websites or API servers, it would be great to get the certificate from the owner. If we cannot, the following is a Public HTTPS tutorial to download the certificate from a public website.