Use Mutual TLS in HTTP modules in Adobe Workfront Fusion

NOTE

Adobe Workfront Fusion requires an Adobe Workfront Fusion license in addition to an Adobe Workfront license.

Mutual TLS overview

When you send data over the internet, it’s important to ensure that it goes to or comes from the correct location and that only the intended recipient can read it. With TLS enabled, the client (computer requesting information) uses certificates to verify the identity of the server (computer providing information). This makes secure HTTP connections.

Mutual TLS allows this identity confirmation to go both ways. When the server sends its certificate to verify its identity to the client, it also requests the client’s certificate. This ensures that the server does not send information to a site or user that would misuse it.

INFO

Example:

  • TLS: When a person types “MyGreatBank.com” into a browser, they want to be sure that they are going to My Great Bank, not a website that might misuse or sell their banking information. They also want to be sure their bank account information is encrypted.

    When the browser (the client) connects to MyGreatBank.com (the server), TLS requires a certificate from MyGreatBank.com to verify its identity. The certificate is provided by a certificate authority such as DigiCert or Thawte. Because the browser trusts the certificate authority, it allows the connection.

  • Mutual TLS: MySoftware.com is a software client that needs information from the MyGreatBank.com API. MyGreatBank allows only trusted clients to connect to their servers. So, in addition to the regular TLS verifying the identity of MyGreatBank.com, the TLS/certificate authority process also verifies the request from MySoftware.com.

Access requirements

You must have the following access to use the functionality in this article:

Adobe Workfront plan*

Pro or higher

Adobe Workfront license*

Plan, Work

Adobe Workfront Fusion license**

Workfront Fusion for Work Automation and Integration

Product Your organization must purchase Adobe Workfront Fusion as well as Adobe Workfront to use functionality described in this article.

*To find out what plan, license type, or access you have, contact your Workfront administrator.

**For information on Adobe Workfront Fusion licenses, see Adobe Workfront Fusion licenses

Providing your Workfront Fusion public certificate

When you connect to a web service with an HTTP request, the web service usually requires a Workfront Fusion public certificate for verification. This allows the web service to compare the certificate presented in the HTTP request to the one on file, as a way to ensure that the certificate is on the web service’s allowlist.

For instructions on uploading the Adobe Workfront Fusion public certificate to a web service, see the web service’s documentation.

You can use the following links to download the Workfront Fusion public certificates:

Certificates for the year November 17, 2021 - November 17, 2022

IMPORTANT

Workfront Fusion public certificates expire annually. After yours expires you will need to upload a new certificate to the web service. We recommend that you:

  • Make note of the expiration date and set a reminder for yourself to upload the certificate to your web service.
  • Bookmark this page to easily find the new certificates.
NOTE

You may need to provide other information in addition to the certificate. For information on what a web service requires, see the web service’s API documentation.

Enabling Mutual TLS in Workfront Fusion HTTP modules

All Workfront Fusion HTTP request modules have the option to enable Mutual TLS.

To enable Mutual TLS in an HTTP request module:

  1. Add an HTTP request module to your scenario.

  2. Begin configuring the module.

    For instructions on configuring an HTTP request module, see the appropriate article under HTTP modules.

  3. Enable Show advanced settings near the bottom of the module.

  4. Enable Use Mutual TLS.

On this page