cancel
Showing results for 
Search instead for 
Did you mean: 

How to use mTLS with approuter

qjkobe
Advisor
Advisor
368

The a server-to-server scenario. Server A is an external server. Server B is approuter. Server A call approuter with certificate and private key. Then approuter verify the certificate and retrieval token from xsuaa then forward the certificate to cloud foundary apps by header: x-forwarded-client-cert

As approuter documents says https://www.npmjs.com/package/@sap/approuter

But I failed. Kindly ask that can approuter fit my requirement? And is there an example for this?


Accepted Solutions (0)

Answers (1)

Answers (1)

CarlosRoggan
Product and Topic Expert
Product and Topic Expert
0 Kudos

First you can check if mTls is activated for your instance of XSUAA.
Approuter is bound to xsuaa, right?
so you can run cf env myapprouter
In the xsuaa-credentials, you can see the property credential-type, which should have value "x509".
If value is "binding-secret" or "instance-secret", then you have to update your service instance and configure it to use mtls.

"oauth2-configuration": {
   "credential-types": ["x509"]