Enforce SSL/TLS mutual authn. on REST
21.1. Enforce SSL/TLS mutual authentication on REST endpoints

For the purpose of this guide, the transaction approval REST Interface is used but it pertains to all REST endpoints.

This guide explains how to authenticate REST clients using X.509 client certificates. 

To enforce mutual SSL/TLS on the transaction approval REST endpoint requires the following steps:

  • 1.
    Create a X.509 certificate for the client of the transaction approval REST endpoint (e.g. an eBanking system)
  • 2.
    Create a X.509 certificate for the transaction approval REST endpoint
  • 3.
    Configure the transaction approval in the Config Editor
  • Optionally:

  • 4.
    Create a user to represent the client of the transaction approval (i.e. allow IAM to identify the eBanking system)