Mutual Authentication with Anypoint Platform
With Anypoint Runtime Fabric version 1.3.60 or later, you can use the Runtime Fabric Settings page in Runtime Manager to enable mutual authentication for connectivity between the Runtime Fabric and Anypoint control plane. Mutual authentication improves the security of communication between Runtime Fabric and Anypoint Platform and is highly recommended. Runtime Fabric instances created after July 15, 2020 have the mutual authentication setting enabled by default.
Before enabling mutual authentication, verify the following endpoint and port are reachable from all Runtime Fabric controller and worker nodes:
-
US control plane:
-
configuration-resolver.prod.cloudhub.io:443
-
-
EU control plane:
-
configuration-resolver.prod-eu.msap.io:443
-
| Failure to meet the previously described connectivity requirements before enabling mutual authentication results in errors with creating/managing application deployments in Runtime Fabric. |
You can use the latest version of the rtfctl utility to validate that all required endpoints are reachable from each Runtime Fabric controller node:
cd /opt/anypoint/runtimefabric ./rtfctl update ./rtfctl test outbound-network --mutual-tls-check