How do I Secure API Gateway User Interface Communication using HTTPS?
Secure API Gateway UI (web application), one of the API Gateway components in an API Management setup, to enable users to access the API Gateway UI securely over HTTPS. This use case explains how to secure API Gateway communication using HTTPS protocol.
The use case starts when you have an API Gateway instance with API Gateway UI that needs to be secured using HTTPS where you are using existing certificates to secure the communication channel between API Gateway UI and the clients(browsers). It ends when the secure channel is configured for communication between the API Gateway UI and the client.
Preconditions
You must have
API Gateway administrator privileges.
You must have the required client and server certificates.
To configure API Gateway user interface for secure communication
1. Ensure that the server certificates and client certificates are located at Installation_Dir\common\conf.
2. Configure the keystore and the HTTPS port on which you want to expose API Gateway UI.
a. Navigate to Installation_Dir\profiles\IS_default\configuration\com.softwareag.platform.config.propsloader and open the property file com.softwareag.catalina.connector.https.pid-apigateway.properties.
b. Modify the following properties by providing the keystore, passsword, and port details.
keystoreFile=generated_keystore_file_path/https_keystore.jks
port=9073 (https port in which you want to expose webApp)
@secure.keystorePass=password (password used while creating the keystore file)