Last post Jul 11, 2017 06:47 AM by priyalwalpita
Jul 03, 2017 09:46 AMemail@example.com|LINK
I received a wildcard certificate to setup HTTPS on the webserver (for the client to connect with the frontend server on https).
Now I need to secure the communications between the frontend webserver and the ApiServer. What type of certificates must I obtain? the wildcard certificate is just for the dns name and I must obtain some kinf of server certificate? Any recommemded guide?
Thank you so much,
Jul 04, 2017 06:10 AM|Jean Sun|LINK
Based on my experience the certificate is used when the communication is between Client and webserver. So you should set the frontend to use HTTPS and choose a certificate for that HTTPS connection. About which kind of certificate to choose, you can take
the following link as reference.
About how to secure the communication between the front-end server and other servers, you can take the following link as reference.
Jul 11, 2017 06:47 AM|priyalwalpita|LINK
As I understood, you need to securthe communication between your Web API and the Web App server. i think the best way to achive this is using two way SSL. Using two way SSL you can Authenticate and Authorize your client ( either Web API or Web Server).
Make sure you implement HSTS and Key pining as well as an extra security measure.