Configuring SSL for API Gateway
You need to configure SSL for the API Gateway to ensure the certificates used are safe, secure, and trust-worthy during HTTPS communication.
The myFileGateway 2.0 user interface makes REST API calls to the API Gateway server for a host of services such as authentication and generation of JSON Web Token (JWT) to multiple REST API calls. You must use HTTPS out-of-the-box for any form of communication as the information exchanged with the API Gateway is sensitive.
By default, the API Gateway server is configured with a self-signed certificate and it is
recommended to change to CA signed certificate.
Note: Until you change to CA signed certificate, the
browser needs you to accept the self-signed certificate for successful REST API calls to log in
successfully.
Using self-signed certificates:
The browser displays a warning message indicating a security risk. Type the API Gateway URL in
the browser and then accept the self-signed certificate when prompted by the browser.
Note: If self
signed certificates are used, then the Accept certificate step needs to be carried out separately
for different IP and Port combinations.
Using CA certificates:
This is a more secure way to access the HTTPS URLs. If the CA certificates are used instead of self-signed certificates, the system does not reproduce the initial errors that occur with self-signed certificates.