Configuring SSL for API Gateway

You need to configure SSL for the API Gateway to ensure the certificates used are safe, secure, and trust-worthy during HTTPS communication.

The myFileGateway 2.0 user interface makes REST API calls to the API Gateway server for a host of services such as authentication and generation of JSON Web Token (JWT) to multiple REST API calls. You must use HTTPS out-of-the-box for any form of communication as the information exchanged with the API Gateway is sensitive.

By default, the API Gateway server is configured with a self-signed certificate and it is recommended to change to CA signed certificate.
Note: Until you change to CA signed certificate, the browser needs you to accept the self-signed certificate for successful REST API calls to log in successfully.

Using self-signed certificates:

The browser displays a warning message indicating a security risk. Type the API Gateway URL in the browser and then accept the self-signed certificate when prompted by the browser.
Note: If self signed certificates are used, then the Accept certificate step needs to be carried out separately for different IP and Port combinations.

Using CA certificates:

This is a more secure way to access the HTTPS URLs. If the CA certificates are used instead of self-signed certificates, the system does not reproduce the initial errors that occur with self-signed certificates.