I am using Tyk gateway v4.0.0 with Docker.
For testing I have set up a mock API behind Tyk gateway.
I was trying out client-side mutual TLS (static) on a keyless API.
So far I am only getting the following error:
"error": "TLS not enabled"
Steps I have followed:
- Created the following API definition:
```json
{
  "name": "Mutual TLS auth mock api",
  "api_id": "mutual-tls-auth-mock-api-id",
  "org_id": "basic",
  "auth": {
    "use_certificate": true
  },
  "use_keyless": true,
  "use_mutual_tls_auth": true,
  "client_certificates": null,
  "base_identity_provided_by": "auth_token",
  "certificates": null,
  "version_data": {
    "not_versioned": true,
    "versions": {
      "Default": {
        "name": "Default",
        "use_extended_paths": true,
        "extended_paths": {
          "ignored": [],
          "white_list": [],
          "black_list": []
        }
      }
    }
  },
  "proxy": {
    "listen_path": "/m-tls/",
    "target_url": "http://localhost:7070",
    "strip_listen_path": true
  }
}
```
- Generated a self-signed key pair to use with:
```
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
```
I entered some random text for all the questions. After that I got the key.pem and cert.pem files.
- Called the API with curl:
```
curl -k --cert cert.pem --key key.pem http://localhost:8080/m-tls/mock_details
```
Result:
```json
{
  "error": "TLS not enabled"
}
```
with the status code 403.
May I know what I am doing wrong and how to get it right?
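The following is an added example, not part of the original post and not Tyk's code. It shows a static mutual-TLS check run once over plain HTTP (the scheme used in the curl call above) and once over TLS, assuming the gateway's check behaves like Go's `r.TLS == nil` test. The names `gate` and `probe`, the "certificate not allowed" message, and the use of the test listener's own certificate as the client certificate are constructed for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/tls"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// gate is a hypothetical static-mTLS check (not Tyk's code), pinned by SHA-256 of the cert.
func gate(allowed map[[32]byte]bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch {
		case r.TLS == nil: // plain HTTP: no handshake, so no client cert was ever sent
			http.Error(w, `{"error": "TLS not enabled"}`, http.StatusForbidden)
		case len(r.TLS.PeerCertificates) == 0 || !allowed[sha256.Sum256(r.TLS.PeerCertificates[0].Raw)]:
			http.Error(w, `{"error": "certificate not allowed"}`, http.StatusForbidden) // constructed text
		default:
			fmt.Fprint(w, `{"status": "ok"}`)
		}
	})
}

// probe sends one request to a throwaway listener; the test cert doubles as the client cert.
func probe(useTLS, sendCert bool) (int, string) {
	allowed := map[[32]byte]bool{}
	srv := httptest.NewUnstartedServer(gate(allowed))
	defer srv.Close()
	if !useTLS {
		srv.Start()
	} else {
		srv.TLS = &tls.Config{ClientAuth: tls.RequestClientCert} // ask for a cert; gate decides
		srv.StartTLS()
		allowed[sha256.Sum256(srv.Certificate().Raw)] = true // allow-list that one certificate
		if sendCert {
			srv.Client().Transport.(*http.Transport).TLSClientConfig.Certificates = srv.TLS.Certificates
		}
	}
	resp, err := srv.Client().Get(srv.URL + "/m-tls/mock_details")
	if err != nil {
		return 0, err.Error()
	}
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	return resp.StatusCode, string(body)
}

func main() { fmt.Println(probe(false, true)) } // the post's call shape: cert offered over http://
```

`probe(true, false)` and `probe(true, true)` exercise the TLS listener without and with the allow-listed certificate.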