Configure browser authentication over SSL/TSL

The connection between the browser and API Gateway acting as the Kerberos service is by default unsecured. For security reasons, it is recommended to use a secure SSL/TSL connection when connecting to the API Gateway.

This section describes the additional configuration steps required to enable a browser to authenticate to the API Gateway using SPNEGO over a secure SSL connection.

The configuration of Kerberos principal, Kerberos service, and Kerberos service policy remains the same as with unsecure connection. For details, see Configure Kerberos principal and Configure API Gateway policy.

To enable SSL connection, you must do the following:

  1. Configure API Gateway for SSL/TSL connection
  2. Configure your browser to use SSL/TSL connection

Related Links