Table of Contents

Search

  1. Preface
  2. Introduction to API Manager
  3. API management
  4. Organizational access policies
  5. API-specific policies
  6. API groups
  7. Authentication and authorization
  8. API Microgateway Service
  9. Analytics

API Manager Guide

API Manager Guide

Certificates for customized API URLs

Certificates for customized API URLs

Before you configure a customized API URL, you must provide Informatica Global Customer Support with a certificate for the organization API domain. You are limited to providing Informatica with two certificates.

Prerequisites for certificates

The certificate you use for API URL customization must meet the following conditions:
  • The certificate is an SSL/TLS X.509 version 3 certificate. It contains a public key, the fully qualified domain name (FQDN) or IP address of your website, and information about your organization.
  • The certificate is self-signed by your private key or by the private key of an issuing certificate authority (CA). If your certificate is signed by a CA, include the certificate chain when you import your certificate.
  • The certificate, private key, and certificate chain is in PEM format.
  • The private key is unencrypted. You cannot import a private key that is protected by a password or passphrase.
  • The certificate is valid at the time of import. You can request at least one year of validity.
  • The certificate specifies a cryptographic algorithm and a key size. Informatica supports the following algorithms:
    • 1024-bit RSA (RSA_1024)
    • 2048-bit RSA (RSA_2048)

Certificates for multiple sub-domains

If your organization uses multiple sub-domains, you can provide certificates in the following ways:
  • Provide a certificate with a wildcard based domain name. For example, use the domain name
    *.mydomain.com
    to support all domain names that end with
    .mydomain.com
    , such as
    dev.mydomain.com
    ,
    qa.mydomain.com
    , and
    test.mydomain.com
    .
  • Provide a SAN (Subject Alternative Name) based certificate. SAN is an X.509 extension that allows multiple domains to be associated with a single certificate.

0 COMMENTS

We’d like to hear from you!