We are working on deploying the API GW for the first time. It's using the Virtual Appliance with the CA provided MySQL database.
What was found that SSL is NOT enabled in their database. With a requirement to have secure traffic this is a pretty big issue for us - especially when data going out to multiple data centers is over the internet.
Has anyone else run into this? Or have recommendation on mitigations for not having a properly secured TLS implementation for the databases?
I'm a pretty big database newb, so we were relying on the deployed one from CA hoping to have to do minimal configs. Just keep that in mind with any recommendations ....My personal knowledge of MySQL is about 1/10 lol.