This blog provides steps to configure SSL certificate in Oracle API Gateway node’s trust store. It becomes necessary when API gateway in installed in “production” mode. Without SSL certificate you won’t able to deploy an API to gateway node, because in production mode gateway must communicate with APIP management tier over SSL. Another use-case is when backend service is SSL enabled.
Scenario#1 : When gateway is installed in Production mode (gatewayExecutionMode=”Production”), it communicates with APIP management tier over SSL.
There are certain configurations need to be done in gateway for successful SSL Handshake with management tier. Before we jump into the gateway configuration, let’s see types of certificates configured in management tier.
Mostly there are 2 types of Digital certificates configured in management tier.
(i) WebLogic Self-signed certificate (Provided by default as WebLogic “demo” certificate. Not recommended for Production environment)
(ii) Custom CA Signed certificate (It is recommended that you should replace WebLogic demo cert with CA signed cert for production usage) (To learn how to configure CA singed certificate you can refer A-team blog – http://www.ateam-oracle.com/api-platform-custom-host-name-and-certificate/)
Now, Let’s see kind of problems you may face in absence of certificate.
For regular information on Oracle PaaS become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.