SSL/TLS traffic to external applications

Key features:

  • Services can invoke SSL/TLS-protected HTTP resources, including authentication using client certificates
  • Target server certificates can be validated or ignored
  • Everything can be configured on-the-fly, without restarts or coding

Tasks described in this chapter

  • Uploading and updating client certificates for services to use when connecting to external HTTP resources
  • Uploading CA certificates used for validation of external applications' certificates

Uploading and updating client certificates

  • In Dashboard, go to Security -> SSL/TLS -> Outgoing -> Keys and certs and upload PEM files, each containing a certificate concatenated with its private key, for services to use in outgoing connections. The material cannot be secured with a password.
  • No restarts are needed after updating an already existing pair with a new one.

Uploading and updating CA certificates

  • In Dashboard, go to Security -> SSL/TLS -> Outgoing -> CA certs to upload bundles of certificates, in PEM format, used to validate the certificates of the servers that services access through outgoing connections. A bundle may consist of one or more CA certificates, including any intermediate ones.
  • No restarts are needed after updating an already existing bundle of certificates.
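
The following pre-upload check is an added example, not part of the product or its documentation. It inspects the structure of a concatenated certificate and key file (no password-protected key, as required above) and of a CA bundle. The function names and the rule that a CA bundle should hold no private key are assumptions of this example, and it does not verify that a key matches its certificate.

```python
import re

# Constructed sample input: the base64 bodies are placeholders, not real key material.
CERT = "-----BEGIN CERTIFICATE-----\nMIIBplaceholder\n-----END CERTIFICATE-----\n"
KEY = "-----BEGIN PRIVATE KEY-----\nMIIEplaceholder\n-----END PRIVATE KEY-----\n"
ENC_KEY = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
           "DEK-Info: AES-256-CBC,00\n\nplaceholder\n-----END RSA PRIVATE KEY-----\n")

# One PEM block: label, then any legacy headers plus the base64 body.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.DOTALL)

def pem_blocks(text):
    """Return (label, body) for every PEM block found in text."""
    return [(m.group(1), m.group(2)) for m in PEM_BLOCK.finditer(text)]

def is_encrypted_key(label, body):
    """True for PKCS#8 encrypted keys and legacy 'Proc-Type: 4,ENCRYPTED' keys."""
    return label == "ENCRYPTED PRIVATE KEY" or "Proc-Type: 4,ENCRYPTED" in body

def check_client_pair(text):
    """List the problems in a concatenated certificate + private key file."""
    blocks = pem_blocks(text)
    labels = [label for label, _ in blocks]
    keys = [b for b in blocks if b[0].endswith("PRIVATE KEY")]
    problems = []
    if "CERTIFICATE" not in labels:
        problems.append("no certificate")
    if len(keys) != 1:
        problems.append("expected exactly one private key, found %d" % len(keys))
    if any(is_encrypted_key(*k) for k in keys):
        problems.append("private key is password-protected")
    return problems

def check_ca_bundle(text):
    """List the problems in a CA bundle (one or more certificates, no keys)."""
    labels = [label for label, _ in pem_blocks(text)]
    problems = []
    if "CERTIFICATE" not in labels:
        problems.append("no CA certificate")
    if any(label.endswith("PRIVATE KEY") for label in labels):
        problems.append("bundle contains a private key")
    return problems

if __name__ == "__main__":
    print(check_client_pair(CERT + ENC_KEY))
    print(check_ca_bundle(CERT + CERT))
```

An empty list means the file passed the structural checks.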