Outbound TLS rule

This rule uses TLS certificates to verify outbound endpoints during API processing.

Verifies TLS certificates for outbound requests to external endpoints. When a Snaplex receives a request for an external endpoint and this rule is configured, the Snaplex connects to the external resource as a client and verifies the server TLS certificate. After verification, the Snaplex continues with the request to the external endpoint.

Rule execution order

This rule executes before the other rules.

Field Description
When this rule should be applied An expression that defines one or more conditions that must be true for the rule to execute.

Example: The expression request.method == "POST" causes the rule to execute only on POST requests.

Certificate Input Format Required.Select the method for certificate: The available options are:
  • RAW_TEXT: Opens text field for key files where you can paste the keys.
  • FILE_PATH: Enables filepath selector as you type the path:
    1. Click to preview the file in Manager.
    2. Click to select a file:
    • Under the Project, pick the target file from Manager.
    • Click Upload file button to select a file from your local machine.

When the certificate is input, the Preview Type contains the following options:

  • Hex: Displays the preview data in hexadecimal format.

  • Text: Displays the preview data in text format.

  • Render text with whitespace: Renders whitespaces as dots "." and tabs as underscores "_" in the preview data.

Click Download Preview for a copy on your local machine.

Default value: RAW_TEXT

Example: FILE_PATH
Certificate encryption algorithm Required. RSA.
Note: Currently, only RSA encryption algorithms are supported. RSA

Default value: RSA

Example: RSA
Public key file Enter the public key.
  • The public key should be unencrypted.
  • The client can provide a certificate chain.
  • The certificate should be a valid x509 certificate.
The client can provide a certificate chain. The certificate should be a valid x509 certificate. None
Private key file Enter the unencrypted private key.
Description

Required. A brief description of this rule.

Default value: Outbound requests are being verified using specified TLS certificates.