Checklist: Secure Network Traffic with the Gateway

This checklist provides the steps necessary to secure network traffic with Kaazing WebSocket Gateway using TLS/SSL:

Step Topic or Reference
Learn about Transport Layer Security (TLS/SSL), and about how TLS/SSL works with the Gateway.
(Recommended) Use trusted certificates issued by a Certificate Authority to secure network traffic with the Gateway. Secure the Gateway Using Trusted Certificates

(Optional) Use self-signed certificates to secure network traffic with the Gateway.

Secure the Gateway Using Self-Signed Certificates
(Optional) Use self-signed certificates to secure network traffic between clients, web browsers and the Gateway. Secure Clients and Web Browsers with a Self-Signed Certificate
(Optional) Use certificates to validate the client's identity to the Gateway. Require Clients to Provide Certificates to the Gateway
(Optional) Use OCSP to check the status of a certificate during TLS handshake and either succeed or revoke the connection. Implement Certificate Revocation Using OCSP

Warning: Using self-signed certificates can result in unpredictable behavior because various browsers, plug-ins, operating systems, and related run-time systems handle self-signed certificates differently. Resulting issues may include connectivity failures and other security issues which can be difficult to diagnose. Instead, use trusted certificates issued from a trusted certificate authority (CA) for real-world development, test, and production environments.

Note: You are not required to configure TLS/SSL for both the client and back-end server connections to the Gateway. For example, you can choose to configure the client-to-gateway connection over WSS and leave the Gateway to back-end server connection using TCP.
TOP