[Apiman-user] PKI Compatibility
Marc Savy
marc.savy at redhat.com
Tue Aug 25 05:57:08 EDT 2015
Hi Brooks,
Do you just mean mutual auth between the client and apiman gateway? https://docs.jboss.org/author/display/WFLY8/Detailed+Configuration
Or perhaps also mutual auth between the gateway and the backend? http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/16/mtls-mutual-auth.html
We don't currently support routing requests based upon the certificate (in lieu of an api key, for instance)
Regards,
Marc
On 24/08/2015 22:35, Brooks Isoldi wrote:
> Hi all,
>
> Does APIMan have the ability to validate inbound HTTPS requests
> with custom signed certificates to consume a service via a PKI service?
>
> So...a network where all internal traffic is encrypted with SSL,
> signed via an internal PKI service. The request to APIMan to consume
> the service would be via HTTPS and I am hoping APIMan can:
>
> - Validate the request based on the certificate and PKI service
> - Validate the request based on the rate limiting rules
> - Consume the service or reject the request accordingly
>
> Thanks!
>
>
> --
> Brooks Isoldi, Software Developer
>
> Traversed
> 7164 Columbia Gateway Drive, Suite 120A
> Columbia, MD 21046
>
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list