How to set up 2-way SSL using the "Enable SSL Mutual Authentication Login" parameter in TIBCO Data Virtualization?

Article ID: KB0072285

Products: TIBCO Data Virtualization
Versions: 8.4 and above

Description

A new server configuration setting called "Enable SSL Mutual Authentication Login" has been added in TIBCO Data Virtualization 8.4 to enable SSL mutual authentication. With this setting, users can access TDV Server resources without a password, supplying only the user name and domain name.

Any client that has SSL mutual authentication established with the TDV Server can access TDV Server resources directly without a password. The user name and domain name are still required for authorization.

The server configuration setting “Enable SSL Mutual Authentication Login” can be tuned to enable or disable the SSL mutual authentication. By default, this setting is False (SSL mutual authentication is disabled). To enable this, click on Administration -> Configuration -> Server -> Configuration -> Security -> Enable SSL Mutual Authentication Login and set the value to True.

Scenario: Enable 2-way SSL when the request is triggered from a client (Postman), passes through an API gateway (API GW) and reaches the TDV Server:
-------------------------------------------
Postman -> API GW -> TDV Server
-------------------------------------------

Issue/Introduction

This article explains the "Enable SSL Mutual Authentication Login" parameter and lists the steps to configure 2-way (mutual) SSL authentication.

Environment

All supported environments

Resolution

In the scenario above, the request originates from a client tool such as Postman, hits an API Gateway, and is then forwarded to the TDV Server. Follow the steps below to configure 2-way SSL:

1. Import the API GW certificates into the TDV truststore.
2. Set "Enable SSL Mutual Authentication Login" to True.
3. Configure 2-way SSL in the API GW by importing the TDV certificates.
4. Trigger the TDV OData URL with username@domain (without a password).

It is advised to use an LDAP user account when triggering the endpoint.
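The shell helpers below are an added example, not part of the TIBCO article: they cover step 1 (importing the gateway certificate with keytool), a handshake check that confirms the TDV endpoint now asks clients for a certificate, and step 4 (calling the OData URL with a client certificate and only username@domain as the identity). The host, port, truststore path, store password, OData path and the use of HTTP Basic auth with an empty password are all assumptions; replace them with your server's values.

```shell
#!/bin/sh
# Added example (not TIBCO's own code). All values below are placeholders.
TDV_HOST="${TDV_HOST:-tdv.example.internal}"              # assumed hostname
TDV_PORT="${TDV_PORT:-9402}"                              # assumed HTTPS port
TRUSTSTORE="${TRUSTSTORE:-/path/to/tdv/truststore.jks}"   # placeholder truststore path
STOREPASS="${STOREPASS:-changeit}"                        # placeholder store password
ODATA_PATH="${ODATA_PATH:-/odata/PLACEHOLDER_PATH}"       # placeholder OData resource

# Step 1: import the API gateway's certificate (PEM/DER file in $1) into the
# TDV truststore. Only the gateway's certificate should be trusted here, since
# any certificate the truststore accepts can log in without a password.
import_gateway_cert() {
    keytool -importcert -noprompt -alias apigw -file "$1" \
        -keystore "$TRUSTSTORE" -storepass "$STOREPASS"
}

# Check: read `openssl s_client` output from stdin and return 0 only if the
# server sent a CertificateRequest with CA names, i.e. it asked the client for
# a certificate. When the server does not ask, s_client prints
# "No client certificate CA names sent" instead.
server_requests_client_cert() {
    grep -q 'Acceptable client certificate CA names'
}

# Run the handshake check against the live TDV endpoint.
check_handshake() {
    openssl s_client -connect "$TDV_HOST:$TDV_PORT" -servername "$TDV_HOST" \
        </dev/null 2>/dev/null | server_requests_client_cert
}

# Step 4: call the OData URL presenting the client certificate ($2/$3), trusting
# the TDV server through CA bundle $4, and sending only "user@domain" with an
# empty password as Basic auth (assumed to be how the identity is passed).
call_odata() {
    curl --silent --show-error --fail \
        --cacert "$4" --cert "$2" --key "$3" \
        -u "$1:" \
        "https://$TDV_HOST:$TDV_PORT$ODATA_PATH"
}
```

If `check_handshake` returns non-zero after step 2, the server is not requesting client certificates and mutual authentication is not in effect on that port.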