Software AG Products 10.11 | Administrating API Gateway | Security Configuration | Securing API Gateway Communication using TLS | How do I Configure a Secure Communication Channel between API Gateway and API Portal?
 
How do I Configure a Secure Communication Channel between API Gateway and API Portal?
This section explains the steps required for API Gateway to securely communicate with API Portal for sending the runtime events and metrics and API Portal to communicate with API Gateway securely for key requests.
The described SSL configuration procedure applies only to API Portal version10.2 or later. Also ensure that the required certificates for API Gateway and API Portal are available.
To configure a secure communication channel between API Gateway and API Portal
1. Configure API Portal HTTPS port.
a. Navigate to Administration > Destinations in the API Gateway user interface.
b. Click API Portal > Configuration.
c. Provide the following information:
*In the Portal configuration section, provide the following details:
*Base URL. The API Portal base URL which API Gateway uses to communicate to API Portal using the HTTPS port. By default, API Portal uses port 18102 for HTTPS communication.
*Username and Password credentials to access API Portal.
*In the Gateway configuration section, provide the following details:
*Base URL. The API Gateway server URL, which API Portal uses to communicate to API Gateway using the HTTPS port. Specify the port 8886 that is configured for HTTPS communication.
*Username and Password credentials to access API Gateway.
d. Click Publish.
This configures API Portal as a destination and creates a communication channel between API Gateway and API Portal over the HTTPS port.
2. Ensure that outbound truststore is configured correctly to trust the certificate exposed by API Portal.
You can achieve this by configuring keystore and truststore settings for outbound connections in API Gateway. In the Configure keystore and truststore settings for outbound connections section, provide the keystore and truststore aliases for securing outgoing SSL connections. The keystore and key alias is required for outgoing two-way SSL connections.
3. You have to configure the API Portal truststore to trust the API Gateway outbound certificate. For details about how to configure API Portal truststore, see API Portal documentation.
You now have a secure communication channel between API Gateway and API Portal. You can now publish an API, which is enforced with Enable HTTPS/HTTPS policy with the HTTPS option configured, from API Gateway to API Portal and invoke the API from API Portal using the HTTPS endpoint that has been used to publish it to API Portal.