Configuring the API Gateway Internal Listener

Field	Description
Protocol	Specifies the protocol to use for this port (HTTP or HTTPS). If you select HTTPS, additional security and credential boxes appear for which you have to provide the required values.
Description (optional)	A description of the port.
Alias	Specifies an alias for the port. An alias must be between 1 and 255 characters in length and include one or more of the following: letters (a -z, A-Z), numbers (0-9), underscore (_), period (.), and hyphen (-).
Max connections	Specifies the number of connections maintained between API Gateway Internal port and API Gateway. The default value is 5.
Private threadpool configuration. Specifies whether to create a private thread pool for this port or use the common thread pool.
Enable	Select to enable the private threadpool configuration for this port.
Threadpool min	Specifies the minimum number of threads for this private threadpool. The default value is 1.
Threadpool max	Specifies the maximum number of threads for this private thread pool. The default value is 5.
Thread priority	Specifies the Java thread priority. The default value is 5.
API Gateway external server
Host	Specifies the host name or IP address of the machine on which the server is running.
Port	Specifies the port number of the registration port on the Server.
Registration credentials (optional)
User name	Specifies the name of the user on API Gateway that the internal server should connect as.
Password	Specifies the password of the user on API Gateway that the internal server should connect as.
External client security
Client authentication	Specifies the type of client authentication the internal server performs against external clients. External clients pass their authentication information to API Gateway, which in turn passes it to the internal server. Select one of the following: Username/Password . API Gateway does not request client certificates. Instead it looks for user and password information in the request header. Digest. The Internal Server looks for password digest information in the request header. Request Client Certificate. API Gateway requests client certificates for requests from external clients. If the client does not provide a certificate, the server prompts the client for a userid and password. The server checks whether the certificate exactly matches a client certificate on file and is signed by a trusted authority. If so, the client is logged in as the user to which the certificate is mapped in API Gateway. If not, the client request fails, unless central user management is configured. Require Client Certificate. API Gateway requires client certificates for requests from external clients. If the external client does not supply a certificate, the request fails.

Important:
The default access mode of the port is set to Allow by default. This implies that the port allows connections to all ESB services and folders. Users must note that this setting allows access to all enterprise assets hosted in internal Integration Server. There is a potential security risk for the IS assets that are secured by Anonymous Access Control Lists (ACL) or if the installation is exposed to the public internet. Hence, you can set the access mode of the port to Deny by default before enabling it. When you change the access mode, you add the required services and folders to the Allow list. For more information, see Configuring Access Mode for a Port.