We’re pleased to announce that Oracle Cloud Infrastructure (OCI) API Gateway adds the following capabilities that help API developers create more secure APIs:
· TLS certificate management for API Gateway is fully managed inOCI Certificatesmaking the process of creating and managing TLS certificates much easier for API developers. You can create an API gateway with an automatically defined host name, using a built-in, common certificate, which is ideal for simple cases, development, and testing. When publishing APIs into production, companies often want to use their own DNS and use their own TLS server certificates. API Gateway offered this capability already, but now that OCI Certificates aregenerally available, you can create, and manage your certificates in OCI Certificates and select the certificates from API Gateway when creating or updating a gateway.
· API Gateway can use customer provided certificate authorities to validate the authenticity of backend services, also known as defining a trust store. Securing connections using TLS is a best practice, but sometimes customers don’t want to purchase signed TLS certificates for all their private backend services. Using OCI Certificates, you can maintain and use certificate authorities with API Gateway to trust self-signed TLS certificates.
· API Gatewaynow supports client mutual-TLS (mTLS). Developers can create APIs that enforce mTLS client verification, also known as two-way transport layer security (TLS). Client mTLS helps developers create more secure APIs by providing an extra layer of security over open authorization (OAuth2) alone.
Integration with OCI Certificates
OCI Certificates makes it easier to create and maintain TLS certificates and certificate authorities offering automation to manage expiration and renewal. Instead of manually managing TLS certificates and loading them into OCI API Gateway, developers can simply choose from TLS certificate and certificate authority resources maintained in OCI Certificates service. Read the complete article here.
For regular information become a member in the Developer Partner Community please register here.