Outbound TLS

Use this policy with APIM Proxies to ensure that outbound endpoints are verified by TLS certificates during API processing. When a client calls a Proxy API with this policy, the server and client exchange certificates. In APIM, SnapLogic® is the client, and the server is any server that the user wants the proxy to call.

This policy does the following:

  • The client connects to an APIM Proxy.

  • The APIM Proxy presents its TLS certificate.

  • The client verifies the server's certificate.

  • The APIM Proxy then uses the certificates provided by the client for the backend call.

The client-server verification is done in this part between the proxy and the backend server.

This policy supports Proxies only and does not display in the API Policy Manager console for APIs and Versions.

Policy Execution Order

This policy executes before the other policies.

All expression enabled fields take expressions from the SnapLogic Expression Language and the API Policy Manager functions.

 

Parameter Name

Description

Default Value

Example

Parameter Name

Description

Default Value

Example

Label

Required. The name for the API policy.

Outbound TLS

Southbound

When this policy should be applied

An expression enabled field that determines the condition to be fulfilled for the API policy to execute.

For example, if the value in this field is request.method == "POST", the API policy is executed only if the request method is a POST.

N/A

request.method == "POST"

Certificate Input Format

Required. Select the method for certificate:

RAW_TEXT

FILE_PATH

  • RAW_TEXT: Opens text field for key files where you can paste the keys.

N/A

 

  • FILE_PATH: Enables filepath selector as you type the path:

    • Click to preview the file in Manager.

    • Click to select a file:

      • Under the Project, pick the target file from Manager

      • Click Upload file button to select a file from your local machine.

When the certificate is input, the Preview Type contains the following options:

  • Hex: Displays the preview data in hexadecimal format.

  • Text: Displays the preview data in text format.

  • Render text with whitespace: Renders whitespaces as dots "." and tabs as underscores "_" in the preview data.

Click Download Preview for a copy on your local machine.

N/A

 

Certificate encryption algorithm

Required. RSA

Currently, only RSA encryption algorithsms are supported.

RSA

RSA

Public key file

Enter the public key.

None

 

Private key file


Enter the unencrypted private key.

None

 

Status

Specifies whether the API policy is enabled or disabled. 

Enabled

Disabled

Â