Layer7 API Management

Expand all | Collapse all

Mutual TSL between Api Gateway and Client

Jump to Best Answer
  • 1.  Mutual TSL between Api Gateway and Client

    Posted 01-25-2018 05:19 PM

    Regards,

     

    Can you please help me with a tutorial to configure the communication with tsl mutual between the gateway (as a server) and the client through certificates.

    I am creating a self-signed certificate on the client and import it into the gateway. Then I export the gateway certificate and import it into the client.
    Then I create a user in the FIP with the same CN of the imported certificate. I enable port 9443 for client authentication to be mandatory. I add the assertion "Require SSL or TSL Transport with Client Authentication" and then "Authenticate Against Identity Provider".

    After the previous steps the gateway is allowing to make requests from clients that do not have the installed certificates and should not be authorized.

    The tests I'm doing with postman.

    I appreciate your help.



  • 2.  Re: Mutual TSL between Api Gateway and Client

     
    Posted 02-01-2018 05:54 PM

    Can you please provide a snippet/screenshot of your policy showing the authentication assertions that you are using?



  • 3.  Re: Mutual TSL between Api Gateway and Client
    Best Answer

     
    Posted 02-01-2018 05:58 PM

    Also see the following post Configuring mutual ssl 

     

    Wesley.