このページは、まだ日本語ではご利用いただけません。翻訳中です。
To use this plugin, you must add certificate authority (CA) certificates. These are
stored in a separate ca_certificates
store rather than the main certificates store because
they do not require private keys. To add one, obtain a PEM-encoded copy of your CA certificate
and POST it to /ca_certificates
:
curl -X POST https://localhost:8001/ca_certificates \
-F cert=@cert.pem
The response will contain an id
value that can now be used for the mTLS plugin configurations or consumer mappings:
{
"tags": null,
"created_at": 1566597621,
"cert": "-----BEGIN CERTIFICATE-----\FullPEMOmittedForBrevity==\n-----END CERTIFICATE-----\n",
"id": "322dce96-d434-4e0d-9038-311b3520f0a3"
}
Go through the Gateway Manager:
- In Konnect, click Gateway Manager.
- Select the control plane you want to add the CA certificate to.
- Click Certificates.
- Select the CA Certificates tab.
- Click + Add CA Certificate
- Copy and paste your certificate information and click Save.
You can view your certificate listed in the Certificates tab.
To add a certificate via curl, you need:
curl -X POST https://konnect.konghq.com/api/control_planes/{controlPlaneID}/ca_certificates \
-F cert=@testCACert.pem \
--header "Authorization: Bearer TOKEN"
The id
value returned can now be used for mTLS plugin configurations or consumer mappings.