Enabling mutual SSL Authentication with Backends

More details to come.

To set the certificate with which the API Gateway makes calls to the API backends, use the following two environment variables on your kong service:

PROXY_SSL_KEY: The private key in PEM format
PROXY_SSL_CERT: The certificate to use in PEM format.

Make sure you also include the CA in the appropriate place (TODO to describe this in more detail).

Filling the env variables

When deploying via `docker-compose`

To get the data into environment variables, use the following technique:

export PROXY_SSL_KEY=$(cat /path/to/proxy-key.pem)
export PROXY_SSL_CERT=$(cat /path/to/proxy-cert.pem)

Kubernetes

Use a secret to get the certificates into Kubernetes in a pre-step, then take out the content of the certificate and private key via valueFrom.

Apache Mesos

TODO.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

mutual-ssl.md

mutual-ssl.md

Enabling mutual SSL Authentication with Backends

Filling the env variables

When deploying via `docker-compose`

Kubernetes

Apache Mesos

Files

mutual-ssl.md

Latest commit

History

mutual-ssl.md

File metadata and controls

Enabling mutual SSL Authentication with Backends

Filling the env variables

When deploying via docker-compose

Kubernetes

Apache Mesos

When deploying via `docker-compose`