Thank you very much for sharing your feedback. We'll take more consideration on those matters before proceeding further.
Thank You, Dulangi On Thu, Nov 19, 2020 at 12:43 PM Sanjeewa Malalgoda <[email protected]> wrote: > As I understand, mutual TLS has nothing to do with the place we upload > cerths (application and subscription). > If we take mutual SSL enabled soap messages then what we do is get a > header block with NS URL after checking cert object. Then from the header > block we get the user name. In mutual SSL whatever username send by client > is trusted as long as it comes with proper format and along with cert. > Similar to that, can't we just let subscribers send those information along > with the certificate? > > On the other hand if we let subscribers upload certs that affect the > gateway they can simply upload any certificate with host names and override > certificates added by maintainers. Isn't it a problem? > > Thanks, > sanjeewa. > > On Tue, Nov 17, 2020 at 1:06 PM Dulangi Gamage (Intern) <[email protected]> > wrote: > >> Hi All, >> >> *Project Description* >> >> Currently, the API Manager supports mutual TLS at the API level. In the >> current implementation application subscription is not permitted for APIs >> that are only protected with Mutual SSL. Therefore, subscription or >> application-level throttling is not applicable to these types of APIs. >> Hence, now the Mutual TLS support needs to be implemented at the >> application level so that all the applications subscribed to that API will >> have mutual TLS enabled. So my project is to enhance the Mutual TLS support >> to the application level and enhance the application developer portal UI >> to support mutual TLS. >> >> Please refer to the attached google doc for more details. >> >> https://drive.google.com/file/d/1tiB2xkuopKGWWYJYEqTlRztfFiCenl19/view?usp=sharing >> >> Your feedback and suggestions are greatly appreciated. Thank You. >> >> >> -- >> Dulangi Gamage | Intern | WSO2 Inc. >> (m) +94766697385 | Email: [email protected] >> <http://wso2.com/signature> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Sanjeewa Malalgoda* > Software Architect | Associate Director, Engineering - WSO2 Inc. > (m) +94 712933253 | (e) [email protected] | (b) Blogger > <http://sanjeewamalalgoda.blogspot.com>, Medium > <https://medium.com/@sanjeewa190> > > GET INTEGRATION AGILE <https://wso2.com/signature> > Integration Agility for Digitally Driven Business > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Dulangi Gamage | Intern | WSO2 Inc. (m) +94766697385 | Email: [email protected] <http://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
