Nav

To Configure Access Management in Anypoint Private Cloud

Overview

This section describes the Access Management features available in Anypoint Platform Private Cloud Edition.

Users running Anypoint Platform Private Cloud Edition can:

  1. Configure User Mangement using LDAP.

  2. Configure an SMTP server to send API Manager alerts from your Anypoint Platform Private Cloud Edition installation

  3. Set your certificates and private key to handle SSL encryption for Anypotnt Platform

  4. Add customized disclaimer to the Anypoint Platform Log-in message

SMTP

The Anypoint Platform Private Cloud Edition requires that you set up your own SMTP email server to deliver email alerts for both API Manager and Runtime manager. The SMTP section on the Access Management menu lets you reference the server that you set up.

This service does not create an SMTP server for you. It is intended to configure with the settings of an existing SMTP server within your environment

In the left navigation bar, click the SMTP option and configure the details for your SMTP server:

on premises features 2c60a

Field Description Example

Host

The host name of your SMTP server

smtp.gmail.com

Port

The port used to communicate to your SMTP server

587

Username

The username to authenticate to your SMTP server

mulesoft.onprem.smtp@gmail.com

Password

Your SMTP password

examplepassphrase

After you set your configuration, click the Save button below.

DNS or IP

You need to provide the DNS or IP with which your instance of the Anypoint Platform is exposed to the local network, this is necessary for Mule runtimes to be able to communicate with it.

  1. Enter Access Management

  2. Select the *DNS/IP tab

  3. fill in the Platform DNS/IP field with the address where you are hosting the platform

  4. Click Save.

on premises features 2f348

Security

You can configure Anypoint Platform to use your own certificate. Additionally, you can choose the cipher and DH groups for the key exchange method, if required.

on prem features 5f98d
  1. From Anypoint Platform, select Access Management.

  2. In the left navigation bar, click Security.

  3. In the Certificate field, click Browse and locate the certificate on your local system.

  4. In the Key field, click Browse button and locate the private key for your certificate.

  5. Click the Save.

  6. Optionally, you can upload your own cipher and Diffie-Hellman group file.

    This provides additional security for Anypoint Platform. However, this step is optional. In most environments you do not need to use this setting.

    1. Deselect Use default ciphers and DH Group.

    2. Enter a set of ciphers from the list of valid nginx ciphers. If you are using Open SSL, you can view this list by running the openssl ciphers command. For example, the cipher you enter should look similar to the following:

      ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384

    3. Generate dhparam.pem (the Diffie-Hellman group file) using the following openssl command:

      openssl dhparam 2048 -out dhparam.pem
    4. Upload the dhparam.pem file from your system.

Disclaimer

By clicking the Disclaimer section you can set up a disclaimer message that your users see when they access the Anypoint Platform’s log-in page.

on prem features d22af

You can set up a custom HTML message as well.