MTLS for connectivity pack applications

Enable Mutual Transport Layer Security (MTLS) for connectivity pack applications to ensure secure communication between the client and server using mutual authentication and encryption.

Before you begin

To enable MTLS, you must modify the generated Connectivity Pack code. First complete the instructions in Enable MTLS, then continue with the following steps.

Procedure

  1. Run the following command to generate a FastAPI server for a connector pack application:
    Generate a FastAPI server for a connector pack application.
    Note: Use the OAS Creator tool to generate the input OpenAPI.
  2. Extract the generated code file and open the client libraries configuration file. You can find the file at this path: app-code/src/openapi_client/configuration.py.
  3. Add the following functions to the Configuration class:
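    # These methods use the os module: make sure "import os" is present at the
    # top of configuration.py.

    def set_ca_cert(self):
        # CA certificate used to verify the server. The second argument is an
        # absolute path, so os.path.join returns it unchanged.
        filename = os.path.join(
            os.path.dirname(os.path.dirname(__file__)),
            "/tmp/certs/tls.crt",
        )
        return filename

    def set_tls_key(self):
        # Client private key. The file name tls.key is an assumption: use the
        # key file from your secret, not the certificate file.
        return os.path.join(
            os.path.dirname(os.path.dirname(__file__)),
            "/tmp/certs/tls.key",
        )

    def set_tls_cert(self):
        # Client certificate presented to the server during the TLS handshake.
        return os.path.join(
            os.path.dirname(os.path.dirname(__file__)),
            "/tmp/certs/tls.crt",
        )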

    The paths set in each of these functions must point to the certificates you created earlier during secret creation, which you must download to your local file system. For more information, see Create secrets.

  4. Update the following in the Configuration class's __init__ definition:
    self.ssl_ca_cert = self.set_ca_cert()
    self.cert_file = self.set_tls_cert()
    self.key_file = self.set_tls_key()
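
A pre-flight check for the three paths set in steps 3 and 4, as an added example that is not part of the generated Connectivity Pack code. It confirms that each file exists, that the CA and client certificate files hold a CERTIFICATE block, that key_file holds a private key rather than only a certificate, and that the key is not readable beyond its owner; the names pem_labels and check_mtls_files are hypothetical.

```python
import os
import re
import stat

# Matches PEM armor lines such as "-----BEGIN CERTIFICATE-----".
_PEM_BEGIN = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----\s*$", re.MULTILINE)


def pem_labels(path):
    """Return the PEM block labels found in a file, in order."""
    with open(path, "r", encoding="ascii", errors="replace") as fh:
        return _PEM_BEGIN.findall(fh.read())


def check_mtls_files(ssl_ca_cert, cert_file, key_file):
    """Return a list of problems with the three paths; empty means none found."""
    paths = {"ssl_ca_cert": ssl_ca_cert, "cert_file": cert_file, "key_file": key_file}
    problems = [
        f"{name}: {path} does not exist"
        for name, path in paths.items()
        if not os.path.isfile(path)
    ]
    if problems:
        return problems

    for name in ("ssl_ca_cert", "cert_file"):
        if "CERTIFICATE" not in pem_labels(paths[name]):
            problems.append(f"{name}: no CERTIFICATE block")

    # PKCS#8 keys are labelled "PRIVATE KEY" or "ENCRYPTED PRIVATE KEY";
    # legacy keys are labelled "RSA PRIVATE KEY" or "EC PRIVATE KEY".
    if not any(label.endswith("PRIVATE KEY") for label in pem_labels(key_file)):
        problems.append("key_file: no PRIVATE KEY block")

    # A key readable by group or others is exposed to other local accounts.
    mode = stat.S_IMODE(os.stat(key_file).st_mode)
    if mode & 0o077:
        problems.append(f"key_file: mode {mode:o} is readable beyond the owner")
    return problems


if __name__ == "__main__":
    # Placeholder paths: replace with the values your Configuration returns.
    for problem in check_mtls_files(
        "/tmp/certs/tls.crt", "/tmp/certs/tls.crt", "/tmp/certs/tls.crt"
    ):
        print(problem)
```

The check reads only the PEM labels and file mode, so it does not prove that the certificate and key belong together or that the CA issued the server certificate.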