Authenticate Access to Your Backend Systems with Client-side SSL Certificates in Amazon API Gateway

Posted on: Sep 22, 2015

You can now generate client-side SSL certificates in Amazon API Gateway and use the public key to verify that HTTP requests to your backend systems originated from Amazon API Gateway. Currently, integration endpoints for Amazon API Gateway are always publicly accessible to the Internet. Now, Amazon API Gateway can generate SSL certificates, such that you can use the public key of the certificate in your backend to authenticate API requests from Amazon API Gateway. This allows you to control and accept only requests originating from Amazon API Gateway, even if your HTTP backend is publicly accessible. Learn more about using client-side SSL certificates in the Amazon API Gateway Developer Guide.