Skip to end of banner
Go to start of banner

Outbound TLS

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Current »

Use this policy with APIM Proxies to ensure that outbound endpoints are verified by TLS certificates during API processing. When a client calls a Proxy API with this policy, the server and client exchange certificates. In APIM, Snapogic® is the client, and the server is any server that the user wants the proxy to call.

This policy does the following:

  • The client connects to an APIM Proxy.

  • The APIM Proxy presents its TLS certificate.

  • The client verifies the server's certificate.

  • The APIM Proxy then uses the certificates provided by the client for the backend call.

The client-server verification is done in this part between the proxy and the backend server.

This policy supports Proxies only and does not display in the API Policy Manager console for APIs and Versions.

Policy Execution Order

This policy executes before the other policies.

All expression enabled fields take expressions from the SnapLogic Expression Language and the API Policy Manager functions.

Parameter Name

Description

Default Value

Example

Label

Required. The name for the API policy.

Outbound TLS

Southbound

When this policy should be applied

An expression enabled field that determines the condition to be fulfilled for the API policy to execute.

For example, if the value in this field is request.method == "POST", the API policy is executed only if the request method is a POST.

N/A

request.method == "POST"

Certificate Input Format

Required. Select the method for certificate:

RAW_TEXT

FILE_PATH

  • RAW_TEXT: Opens text field for key files where you can paste the keys.

N/A

  • FILE_PATH: Enables filepath selector as you type the path:

    • Click (blue star) to preview the file in Manager.

    • Click (blue star) to select a file:

      • Under the Project, pick the target file from Manager

      • Click Upload file button to select a file from your local machine.

When the certificate is input, the Preview Type contains the following options:

  • Hex: Displays the preview data in hexadecimal format.

  • Text: Displays the preview data in text format.

  • Render text with whitespace: Renders whitespaces as dots "." and tabs as underscores "_" in the preview data.

Click Download Preview for a copy on your local machine.

N/A

Certificate encryption algorithm

Required. RSA

Currently, only RSA encryption algorithsms are supported.

RSA

RSA

Public key file

Enter the public key.

  • The public key should be unencrypted.

  • The client can provide a certificate chain.

  • The certificate should be a valid x509 certificate.

None

Private key file


Enter the unencrypted private key.

None

Status

Specifies whether the API policy is enabled or disabled. 

Enabled

Disabled

  • No labels

Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.