Layer 7 API Management

Expand all | Collapse all

HTTP Pass-through Policy

  • 1.  HTTP Pass-through Policy

    Posted 09-15-2019 07:53 PM
    Hello,
    I am new to Layer 7 and am trying to set up the API Gateway to proxy transactions between 2 servers. This is to position the gateway as a pass-through layer for all the transactions and SSL authentication between the servers.

    Original Flow:
    Server_1 => Server_2

    Intended Flow:
    Server_1 => Layer_7 => Server_2

    Currently, between server_1 and server_2, there is mutual authentication that has been configured. Hence, is it possible to introduce Layer_7 API GW in this flow without changing the mutual authentication setup between servers 1 and 2. If so, can someone please point me to any documentation that can help me get started.

    Thanks in Advance,
    Chaya.


  • 2.  RE: HTTP Pass-through Policy

    Posted 09-16-2019 01:57 AM
    Dear Chaya,
    The layer7 gateway will always terminate ssl from front end, and re-establish ssl to the backend.
    Therefore you will need to setup mutual ssl between server_1 and gateway, and mutual ssl between gateway and server_2.

    Regards,
    Mark


  • 3.  RE: HTTP Pass-through Policy

    Posted 09-16-2019 12:03 PM
    Edited by Chaya Pothuraju 09-16-2019 12:06 PM
    Hello Mark,
    Thanks for getting back.

    From your response, Will the gateway terminate SSL from the calling server, because it cannot be the man-in-the-middle eavesdropper between the servers configured for mutual authentication. If so, can we try to build a policy that will let the gateway function as a HTTPS Proxy, a TCP Proxy or an SSL Passthrough so as to pass traffic between the servers.
    Please let me know your thoughts on this.

    Thanks,
    Chaya.