MuleSoft Certified Integration Architect – Level 1 — Question 92

An organization has an HTTPS-enabled Mule application named Orders API that receives requests from another Mule application named Process Orders.

The communication between these two Mule applications must be secured by TLS mutual authentication (two-way TLS).

At a minimum, what must be stored in each truststore and keystore of these two Mule applications to properly support two-way TLS between the two Mule applications while properly protecting each Mule application's keys?

Answer options

• A. Orders API truststore: The Orders API public key Process Orders keystore: The Process Orders private key and public key
• B. Orders API truststore: The Orders API private key and public key Process Orders keystore: The Process Orders private key public key
• C. Orders API truststore: The Process Orders public key Orders API keystore: The Orders API private key and public key Process Orders truststore: The Orders API public key Process Orders keystore: The Process Orders private key and public key
• D. Orders API truststore: The Process Orders public key Orders API keystore: The Orders API private key Process Orders truststore: The Orders API public key Process Orders keystore: The Process Orders private key

Correct answer: C

Explanation

The correct answer (C) includes all necessary components for two-way TLS, wherein each application trusts the other's public key while keeping their private keys secure. Options A and B are incorrect as they do not contain the required public key from the other application in their truststore. Option D misplaces the necessary items required for proper TLS mutual authentication.