Adding a certificate to a specific API

ilya · November 1, 2018, 9:46am

Hi,

I am using tyk dashboard, gateway and pump in a closed environment (in addition to the redis and mongoDB). all latest versions
My dashboard and gateway are accessed through normal HTTP connection. Now i want to have a specific API work with a certificate and be accessed using HTTPS.

So i tried adding a certificate using the dashboard but it doesn’t seem to work. What am i doing wrong? Can i not have specific APIs with SSL and others without - Do i need to configure the whole gateway using HTTPS?

Thanks in advance!

leon · November 1, 2018, 10:08am

In this case you have to switch all apis to use SSL, or put simple proxy on top of tyk, like nginx, which will do ssl only for a single api.

Cheers.

ajitesh.srivastava · November 1, 2018, 10:15am

Hi @leon

Is it possible to add the certificates in Tyk and use the certificate only for specific APIs using authentication mode by enabling client certificate?

I think this feature should help to enable certificate checks for specific API

Please correct me if my understanding is not correct

PS: I might be wrong in understanding as started using Tyk couple of weeks ago

ilya · November 1, 2018, 11:35am

ok so i tried configuring my gateway image with a certificate
i mount the certificate to the required path (/opt/tyk-gateway/cer.cer)
and then when i docker run it doesn’t work and in the logs it says
“Server error: loadkeys: open : no such file or directory”

my tyk.conf looks like this:

"http_server_options":{
"use_ssl": true,
"certificates":[
   {
         "domain_name":"my_server",
        "cert_file": "/opt/tyk-gateway/cer.cer"
   }
]
}

leon · November 8, 2018, 9:44am

Do not forget that you should provide both certificate and private key (in PEM format).
In this case error may indicate that “cert_key” is mising.