Mutual TLS between Developer Portal and API Proxy

meghdeepbasu
Participant II

Due to highly secured environment of our project, we wanted to have 2 way TLS between dev portal and management server.

But by default this is one way TLS (from Developer Portal to Management Server over HTTPS). Hence we need to implement a custom solution.

Therefore, we have decided to build an api proxy in between dev portal and management server. So, that between Dev Portal and the API Proxy, it would be mutual TLS. And between the API Proxy and Management Server, it would be 1 way (as existing).

We are planning to do this by associating the client certificate to virtual host. We can create a special virtual host and associate the client certificate. Then this virtual host would be referred from Dev Portal.

Can any one please confirm if there is a better way or there is any issue with this approach, other than the fact that Dev Portal performance would be compromised ?

1 2 173
2 REPLIES 2

@Meghdeep Basu I can help out better if I know what version of EDGE and Portal you are trying to accomplish this with. Cloud ? On Premise - what version ?

Thanks.

Its as follows:

1. Setup: Public Cloud

2. Edge Version: 171106