- Print
- PDF
Client Certificates
- Print
- PDF
Available in Classic and VPC
Client certificate public key can be used to check whether the request HTTP source is the API Gateway from the backend system, and set it to only respond to requests from the API Gateway.
Client Certificates screen and list
The basics of using client certificates menus on API Gateway are as follows.
Field | Description |
---|---|
① Menu name | Name of the menu currently being viewed, number of client certificates in operation |
② Basic features | Create Client Certificate, view detailed API Gateway information, page refresh |
③ Post-creation features | Edit and Delete client certificate in operation |
④ Search window | Enter the certificate name, and then click to search |
⑤ Filter | Filter items based on client certificate status |
⑥ Sort | Set the number of client certificates to display on each list page |
⑦ Client Certificate List | Check Client Certificate list in operation
|
⑧ View | Check, Copy, and Download Client Certificate Public Key of created client certificate |
Create Client Certificate
The following describes how to create a client certificate.
- From the NAVER Cloud Platform console, click the Services > Application Services > API Gateway menus, in that order.
- Click the Client Certificates menu.
- Click the [Create Client Certificate] button.
- Enter the client certificate information, and then click the [Save] button.
- Name: Enter the name for the client certificate.
- Description: Enter the description for the client certificate.
- Client Certificate: Check whether the created client certificate is displayed on the list.
Edit Create Client
The following describes how to edit the client certification description.
- From the NAVER Cloud Platform console, click the Services > Application Services > API Gateway menus, in that order.
- Click the Client Certificates menu.
- Click to select the client certificate to edit from the Client Certificate list, and then click the [Edit] button.
- Edit settings from the Edit Client Certificate screen, and then click the [Edit] button.
Delete Client Certificate
The following describes how to delete a client certificate.
- From the NAVER Cloud Platform console, click the Services > Application Services > API Gateway menus, in that order.
- Click the Client Certificates menu.
- Click to select the client certificate to delete from the Client Certificate list, and then click the [Delete] button.
- Check the details in the Delete pop-up window, and then click the [Delete] button.
Client Certificate use
The created client certificate can be applied to a server and be used.
Refer to Create Stage for information of how to set a created client certificate to an API endpoint.
Check Client Certificates and apply to server
Check, copy and download the public key of the created client certificate.
The following describes how to manage client certificates.
- From the NAVER Cloud Platform console, click the Services > Application Services > API Gateway menus, in that order.
- Click the Client Certificates menu.
- Click the [View] button on the client certificate from the Client Certificate list.
- Check, Copy and Download the public key from the View Client Certificate pop-up window.
- To copy the public key to the clipboard, click .
- To save the public key as a file (
*.pem
), click the [Export] button.
- Apply the copied public key to an endpoint HTTPS server.
In case of an Nginx server, client certificate can be applied as the following.
... server { listen 443 ssl; server_name example.com; ssl_protocols TLSv1.1 TLSv1.2; # HTTPS Certificate ssl_certificate "server-cert.pem"; ssl_certificate_key "server-key.pem"; # Client Certificate ssl_client_certificate "client-cert.pem"; ssl_verify_client on; access_log /var/log/nginx/example.com; ...
Client Certificate replacement
A client certificate is valid for 1 year. To maintain endpoint service, create a new certificate and replace the existing certificate before it expires.
The following describes how to replace a client certificate of an Nginx server.
- From the NAVER Cloud Platform console, click the Services > Application Services > API Gateway menus, in that order.
- Click the Client Certificates menu.
- Click the [Create Client Certificate] button to Create Client Certificate.
- Replace the existing client certificate file of the endpoint with the new certificate and restart the Nginx server.
- Go to the API Set Stage screen of My Products menu, select the new client certificate, and save.
- Delete Client Certificate from the Client Certificates menu to delete the existing certificate.
- Delete the existing certificate from the certificate file applied to the endpoint.