Gateway TLS Settings
Transport Layer Security (TLS) on Gateway
Configuring TLS
Akeyless Gateway should always be used with TLS to ensure all traffic is encrypted at transit.
If you are working with Load Balancers or reverse proxies in front of your Gateway, TLS should be used for all network connections.
Note
The use of HTTP protocol is considered insecure and discouraged; thus, remote Gateway configuration is not supported over HTTP. If you wish to configure your gateway remotely make sure you do it over HTTPS.
To configure TLS, on your Gateway Configuration Manager under the General tab:
-
Select the cloud icon next to TLS Certificate
-
Upload a TLS Certificate and provide a TLS Private Key in a PEM format and Save.
Updating a TLS Certificate
Updating a TLS certificate can be accessed through the CLI by using the following command:
akeyless gateway-update-tls-cert --gateway-url <https://Your-Akeyless-Gateway-URL:8000> --cert-data <TLS Certificate(base64 encoded)>
The command's full parameters are:
cert-data
: TLS Certificate (base64 encoded), this flag is ignored ifcert-file-name
is supplied.cert-file-name
: Path to the file containing the TLS Certificate, this flag is ignored ifcert-data
is suppliedkey-data
: TLS Private Key (base64 encoded), this flag is ignored ifkey-file-name
is suppliedkey-file-name
: Path to the file containing the TLS Private Key, this flag is ignored ifkey-data
is suppliedgateway-url[=http://localhost:8000]
: Akeyless Gateway URL (Configuration Management port).
Updated 10 months ago