Versions Compared

Version Old Version 2 New Version Current
Changes made by

Nick Judson

Nick Judson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To enable the gateway api service, update the “EnableGatewayApi” in the AppSettings.config file located in the gateway executable directory:

Code Block
languagexml
<appSettings>
  ...
  <add key="EnableGatewayApi" value="true"/>
</appSettings>

run the Gateway configuration wizard and enable the 'Enable API' checkbox. Optionally change the API port (cannot be the same port as other gateway services):

...

In order to provide authentication (and TLS traffic encryption), each client which will access this API must provide a certificate. This certificate must be installed within the “Trusted People” folder of the gateway host machine.

The recommended approach is to create a unique self-signed certificate for each distinct API client. See https://docs.microsoft.com/en-us/powershell/module/pkiclient/new-selfsignedcertificate for information on creating self-signed certificates in Windows. We recommend setting the subject name of the certificate to a value which can identify the consumer (user name, machine name, etc.).

...

Some users have had issues using the above method (specifically the inability to export the certificate). The image below shows an alternate method for generating and exporting both certificates (one with a PK (pfx) and one without (cer)).

...

Once you have run the Powershell command, you will find the new certificate in your Personal folder of the Local machine store.

...

Export this certificate to a file using the default export settings (do not include . You will need to export this file twice, once without the private key, and once with the private key (supply a password when exporting with the private key). Copy this the non-private-key file over to the gateway host and install it into the “Trusted People” store of the Local Computer. This can be achieved by right clicking the certificate file (on the gateway host) and choosing the “install certificate” option.

...

Next, reference the C# client library (Connexion.Gateway.Api.dll, both framework and core assemblies are available) and create a proxy to the gateway. You will need the System.ServiceModel.Primitives and System.ServiceModel.Http packages if you’re targeting .NET core. You will supply the exported certificate with the private key in this method.

Code Block
breakoutModewide
languagec#
using System.Security.Cryptography.X509Certificates;
using Connexion.Gateway.Api;

namespace GatewayApiClientTest
{
    class Program
    {
        static async voidTask Main(string[] args)
        {
            // load the certificate to pass to the gateway api
            var certificate = new X509Certificate2(@"c:\gatewayClienttest\NickLaptop.cerapicert.pfx", "foobar");

            // create a proxy to the GW
            using (var proxy = GatewayApiProxyGatewayApiProxyFactory.CreateProxy("192127.1680.30.191", 80858086, certificate))
            {
                // test the connection
                Console.WriteLine("Calling Query Groups...");
                var response = await proxy.ServiceMethods.Ping();.QueryGroups(new QueryGroupsRequest());
                foreach (var group in response.Groups)
                {
                    Console.WriteLine(group.GroupName);
                }
            }

            Console.ReadLine();
        }
    }

At this point, you can now make API calls to create and modify non-authorized remote agents. In the future, we may enable specific updates to authorized remote agents.

Sample client projects:

View file
nameConnexionGatewayApiTest.zip