AnsweredAssumed Answered

Can I restrict the scope of a Trusted Certificate to a defined set of remote addresses?

Question asked by ygirouard_stm on Sep 8, 2017
Latest reply on Sep 13, 2017 by ygirouard_stm

Let's say I want to import our internal root CA in the trust store of the API Gateway, which would make a lot of sense in terms of certificate management, and that I want to be 100% certain that it is trusted only for internal network addresses. How can I do that?

 

For example, say I take our internal root CA and sign a certificate that I use on a public server outside of our corporate network, and that I want the API Gateway to automatically refuse to trust it because it's a public address, is there a way to do this?

Outcomes