Configure browser authentication over SSL/TLS

The connection between the browser and API Gateway acting as the Kerberos service is by default unsecured. For security reasons, it is recommended to use a secure SSL/TLS connection when connecting to the API Gateway.

This section describes the additional configuration steps required to enable a browser to authenticate to the API Gateway using SPNEGO over a secure SSL connection.

The configuration of Kerberos principal, Kerberos service, and Kerberos service policy remains the same as with unsecure connection. For details, see Configure Kerberos principal and Configure API Gateway policy.

To enable SSL connection, you must do the following:

  1. Configure API Gateway for SSL/TLS connection
  2. Configure your browser to use SSL/TLS connection

Related Links