
AWS API Gateway and AWS Lambda - handling client certificate

I am looking to build an API orchestration layer using API Gateway and Lambda.

For my basic use case I want to have a Python script in Lambda that will just relay the request received at the API Gateway from the client (mobile app in this case) and call an external HTTPS service as the backend.

My question is: Our mobile client uses client certificates to talk to our HTTPS endpoint today. How do I go about intercepting that client certificate in my new API Gateway + Lambda setup?

Abhi asked Oct 13 '16 23:10




1 Answer

Responded here. Copying the answer below for the StackOverflow audience:

===

Unfortunately, API Gateway does not support client certificate validation from clients to API Gateway at the moment. We do, however, support client-side SSL certificates for authentication by the backends.

Depending on your use-case, you can use various other options in API Gateway to authenticate/authorize your calls from the mobile client, e.g. API Keys, Custom Authorizers, etc. The request from API Gateway to Lambda should already be encrypted.

Hope that helps, Ritisha.

Ritisha - AWS answered Sep 22 '22 18:09
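
A sketch of the Custom Authorizer option mentioned in the answer, written in Python since the question plans a Python Lambda. This is an added example, not code from the answer or from AWS. It assumes a TOKEN-type authorizer, a constructed token format `device_id.expires.hmac`, and a hypothetical environment variable `TOKEN_HMAC_KEY` holding the signing key.

```python
import hashlib
import hmac
import os
import time

# Assumption: the signing key comes from a hypothetical environment variable;
# the fallback value is a constructed demo key, not for production use.
SIGNING_KEY = os.environ.get("TOKEN_HMAC_KEY", "constructed-demo-key").encode()


def sign(device_id, expires):
    """Hex HMAC-SHA256 over 'device_id.expires' (constructed token format)."""
    msg = f"{device_id}.{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def verify_token(token, now=None):
    """Return the device id if the token is authentic and unexpired, else None."""
    parts = (token or "").split(".")
    if len(parts) != 3:
        return None
    device_id, expires, signature = parts
    if not device_id or not expires.isdecimal():
        return None
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(sign(device_id, expires).encode(), signature.encode()):
        return None
    if int(expires) < (time.time() if now is None else now):
        return None
    return device_id


def policy(principal, effect, method_arn):
    """Build the principal + IAM policy response a custom authorizer returns."""
    statement = {"Action": "execute-api:Invoke", "Effect": effect, "Resource": method_arn}
    return {
        "principalId": principal,
        "policyDocument": {"Version": "2012-10-17", "Statement": [statement]},
    }


def lambda_handler(event, context):
    """TOKEN authorizer entry point: event carries authorizationToken and methodArn."""
    device_id = verify_token(event.get("authorizationToken"))
    effect = "Allow" if device_id else "Deny"
    return policy(device_id or "anonymous", effect, event["methodArn"])
```

A missing, malformed, tampered or expired token yields a `Deny` policy, so the request never reaches the relay function.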