Over a million developers have joined DZone.

How to Call an API Which Uses a Self-Signed Certificate

DZone's Guide to

How to Call an API Which Uses a Self-Signed Certificate

· Integration Zone ·
Free Resource

Discover how you can get APIs and microservices to work at true enterprise scale.

 The Axway API Gateway, as the name suggests, is often used as a gateway in front of APIs / Web Services. The connection to the API behind the API Gateway often is over SSL. If this connection uses a self-signed certificate (i.e. not VeriSign or another global CA), then how do you configure the trust for this connection?

The first step is to import the certificate into the "Certificates" section of Policy Studio. To do this, click on the "Create/Import" button, which you can see on the bottom of the screenshot below:

Once you've imported the cert, then you need to use it in a policy. In the example below, I have a simple routing policy which will route to a backend server over SSL. The first step is to use a "Static Router" filter in order to enter the backend server name (in this case "dev.company.com") and select the radio button which specifies that I'm connecting over SSL:

I then follow this with a "Connection" filter, and I make sure that the certificate which I imported earlier is checked under "Trusted Certificates", as shown below:

Now, I apply this policy to a path off the API Gateway. Because this policy applies to any relative path, I can call a path like "/myAPI" or "/myOtherAPI" on the API Gateway, and it will be routed to the backed server using the same path. That is all you need to do to connect to an API / Web Service over an SSL connection which uses a self-signed certificate.

APIs and microservices are maturing, quickly. Learn what it takes to manage modern APIs and microservices at enterprise scale.


Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}