Mutual authentication is a means to ensure secure communications between the Data Governance Center service and the Jobserver service. If there is a reverse proxy server between these two services, you can still use mutual authentication.
In the following schema, you can see how the communication is established for mutual authentication between the two services with a reverse proxy server in between.
| Step | Description |
|---|---|
| 1 | The DGC service initiates the communication to the proxy server by sending a Hello message. |
| 2 |
The proxy server sends its public key to the DGC service. The DGC service can then authenticate the proxy server. |
| 3 |
The DGC service validates the received public key with the proxy server's CA certificate. This means that the DGC service has the proxy server's CA certificate in its truststore. |
| 4 |
The DGC service sends its public key to the proxy server. The proxy server can then authenticate the DGC service. |
| 5 |
The proxy server validates the received public key with the DGC CA certificate. This means that the proxy server has the DGC CA certificate in its truststore. |
| 6 | The proxy server initiates the communication to the Jobserver service by sending a Hello message. |
| 7 |
The Jobserver service sends its public key to the proxy server. The proxy server can then authenticate the Jobserver service. |
|
8 |
The proxy server validates the received public key with the Jobserver service's CA certificate. This means that the proxy server has the Jobserver service's CA certificate in its truststore. |
|
9 |
The proxy server sends its public key to the Jobserver service. The Jobserver service can then authenticate the client side of the reverse proxy server. |
| 10 |
The Jobserver service validates the received public key with the proxy server's CA certificate. This means that the Jobserver service has the proxy server CA certificate in its truststore. |