On Wed, Sep 25, 2019 at 6:49 AM Asela Pathberiya <[email protected]> wrote:
> > > On Wed, Sep 25, 2019 at 10:47 AM gayan gunawardana < > [email protected]> wrote: > >> Hi APIM team, >> >> Is there any recommended deployment pattern to implement [1] if SSL >> termination happen from load balancer ? >> > > One option is that sending the client certificate's data using HTTP > header. Also it can be done at the SSL termination point as it has access > to the client certificate. > > I assume that we have implemented such sample handler to GW. > Thanks a lot for quick reply. I suppose sending the client certificate's data using HTTP header is much convenient. Having it on SSL termination point is also a good option but the problem is when we have multiple APIs with multiple certificates how to maintain API to certificate mapping in SSL termination point. > > Thanks, > Asela. > > >> >> [1] https://docs.wso2.com/display/AM260/Securing+APIs+with+Mutual+SSL >> >> -- >> Gayan >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > Thanks & Regards, > Asela > > Mobile : +94 777 625 933 > > http://soasecurity.org/ > http://xacmlinfo.org/ > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Gayan
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
