After you have generated a certificate in Salesforce, you can use it to support two-way authentication for a callout to a SOAP Web service.
To integrate the certificate with your Apex:
The following example illustrates the last step of the previous procedure and works with the sample WSDL file in Generated WSDL2Apex Code. This example assumes that you previously generated a certificate with a Unique Name of DocSampleCert.
docSample.DocSamplePort stub = new docSample.DocSamplePort(); stub.clientCertName_x = 'DocSampleCert'; String input = 'This is the input string'; String output = stub.EchoString(input);
There is a legacy process for using a certificate obtained from a third party for your organization. Encode your client certificate key in base64, and assign it to the clientCert_x variable on the stub. This is inherently less secure than using a Salesforce certificate because it does not follow security best practices for protecting private keys. When you use a Salesforce certificate, the private key is not shared outside Salesforce.
The following example illustrates the legacy process and works with the sample WSDL file in Generated WSDL2Apex Code.
docSample.DocSamplePort stub = new docSample.DocSamplePort(); stub.clientCert_x = 'MIIGlgIBAzCCBlAGCSqGSIb3DQEHAaCCBkEEggY9MIIGOTCCAe4GCSqGSIb3DQEHAaCCAd8EggHb'+ 'MIIB1zCCAdMGCyqGSIb3DQEMCgECoIIBgjCCAX4wKAYKKoZIhvcNAQwBAzAaBBSaUMlXnxjzpfdu'+ '6YFwZgJFMklDWFyvCnQeuZpN2E+Rb4rf9MkJ6FsmPDA9MCEwCQYFKw4DAhoFAAQU4ZKBfaXcN45w'+ '9hYm215CcA4n4d0EFJL8jr68wwKwFsVckbjyBz/zYHO6AgIEAA=='; // Password for the keystore stub.clientCertPasswd_x = 'passwd'; String input = 'This is the input string'; String output = stub.EchoString(input);