Updating the TLS profile for Gateway

Update the TLS profile that secures communications with the Gateway subsystem in your API Connect deployment.


  1. Appliance only: update the TLS profile by modifying the configuration of the REST management interface.
    Attention: If your Gateway is not deployed on an appliance, skip to step 2.

    For information on the REST management interface commands, see REST Management Interface commands in the DataPower Gateway documentation.

  2. Kubernetes only: update the TLS profile using the Domain API, which is exposed in the GatewayCluster CRD.

    The update requires a change the rest-mgmt service in the default domain. For information, see Domain API in the DataPower Operator documentation. For information on updating the domain definition, see Domain configuration in the same documentation.

    Note: The Gateway's API call SNI endpoint already supports replacing customer-provided keys and certifications as explained in Binding a TLS server profile to a gateway service.