Name	Name	Last commit message	Last commit date
parent directory ..
api	api
client/certs	client/certs
sidecar	sidecar
.gitignore	.gitignore
README.md	README.md
docker-compose.yml	docker-compose.yml

Name

Last commit message

Last commit date

api

Example: Securitying an API Endpoint

To see this example running, do the following:

docker-compose up

$ curl --cacert sidecar/server-certs/server-ca.pem --key client/certs/mtls-client.key.pem --cert client/certs/mtls-client.cert.pem -k https://localhost

{"data":"I'm secured by an mTLS!"}

Want to see the certificate pinning work?

To see the certificate pinning work:

execute docker-compose down if you are running the service
modify the value of the ALLOWED_CERTIFICATE_FINGERPRINT environment variable on the docker-compose.yml file (for example: ALLOWED_CERTIFICATE_FINGERPRINT=f90c85270cb3c7e2133119f4c02f2f36a17984dc)
run docker-compose up again to bring the service with the new value of ALLOWED_CERTIFICATE_FINGERPRINT applied
execute the same curl describe above again
The result should be:

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0</center>
</body>
</html>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Example: Securitying an API Endpoint

Want to see the certificate pinning work?

FilesExpand file tree

example

Directory actions

More options

Directory actions

More options

Latest commit

History

example

Folders and files

parent directory

README.md

Example: Securitying an API Endpoint

Want to see the certificate pinning work?