Hi, Pratyush.
Your question goes on a variety of concepts (cryptography, pki infrastructure, SSL/TLS protocols) you will need to study to fully understand it.
In simplistic way:
-
Manage Certificate: holds certificates (public keys) that will be used by the gateway to check external data signature or ENCRYPT data to a specific destination
-
Manage Private Key: holds the private key and public certificate that will be used by the gateway to sign data or DECRYPT data from an external source destinated to gateway.
Why data signature is important? It guarantees the source and integrity of a message. With a PRIVATE KEY a message can be signed. With the PUBLIC KEY (public cert), a signature can be verified.
Why encryption is important? It guarantees only the destination can read a message. With PUBLIC KEY a message can be encrypted. Only with the PRIVATE KEY a encrypted message can be decrypted.
------------------------------
Sr. Consultant Services
HCL Enterprise Studio
------------------------------
Original Message:
Sent: 09-19-2019 07:07 AM
From: Pratyush Singh
Subject: SSL authentication details
Hi Everyone,
Can someone please explain how actually SSL is working in CA API Gateway, mean to ask how exactly "Manage Certificate" and "Manage PRIVATE Key" options we are using together. I am totally confuse when to upload certificate and when private keys. I read document but still not clear. I want to know how to figure it out when to pull certifcate from .PFX file in order to upload or when to upload only Private keys itself.
Sorry to ask such basic question and thanks in advance for help.
Thanks
Pratyush