What is an API Gateway?

Congrats to Parth Vikani for being the first lucky viewer to answer the question correctly! Thank you again to everyone who participated in the contest and please make sure to subscribe!

SSL termination (or SSL offloading) is the process of decrypting this encrypted traffic. Instead of relying upon the web server to do this computationally intensive work, we can use SSL termination to reduce the load on our servers, speed up the process, and allow the web server to focus on its core responsibility of delivering web content.

There's a lot to learn in IT, and often times you become anxious. However, the great deal about IBM Technology, is that you get a preview of your concerned aspect of Technology before you can actually dive deep into learning it, which makes it a lot easier because by then you will have a clear perspective and concept about your Technology of concern. Thank you IBM Technology.

HI Jason , Thanks for your nice explanation.
""SSL Termination""
For all incoming HTTPS connections, the load balancer service ends the SSL connection and establishes a plain text HTTP communication with the back-end server. CPU-intensive SSL handshakes and encryption or decryption tasks are shifted away from the back-end servers, allowing them to use all their CPU cycles for processing application traffic.

IBM is doing nice things.
Engaging with us through this medium helps to solidify our virtual bond between us.
I hope IBM makes a lot of these videos in the future. And at some point create a playlist so viewers can understand the flow, like from where it would be great to start and where are we going towards.
Love you guys.
And although many people have already answered the question of "What is SSL termination", I will attempt to answer that question because "what if...", here you go:
SSL termination refers to the process of decrypting encrypted traffic before passing it along to a web server. 💁

SSL termination is a process where we decrypt and offload the encrypted SSL data within the API Gateway instead of going to our backend microservices which helps performance of our frontend.

SSL Termination is basically refers to the process of decrypting the encrypted traffic/data before passing it to a web server that helps the web server to speed up its process so that it can smoothly deliver the content that is requested by the client

The presentation and production quality are super duper amazing. I wish any content would look like this

The backwards writing is beyond impressive. How has no one commented on that yet

Thanks so much for all these videos. I am binge watching them in no particular order. I love these videos

SSL termination is the process of decrypting HTTPS traffic and forwarding plain HTTP traffic to downstream systems. In the context of API Gateway, one could imagine a publicly accessible API Gateway to do the SSL termination and safely route HTTP traffic to private services thus saving on some computational overhead.

Thanks for having this channel IBM. I think IBM has done a good job in social responsibility by sharing valuable info, knowledge to the everyone. thumb up IBM.

Hey!
SSL termination refers to the process of decrypting encrypted SSL/TLS traffic at a network device, such as a load balancer or reverse proxy, before forwarding it to the destination server. When SSL termination occurs, the encrypted traffic is decrypted, allowing the network device to inspect, route, and process the data in plaintext.

SSL( Secure Socket Layer). SSL Termination is the process of decrypting encrypted traffic before passing it to a web server. This prevents you from relying upon the webserver to do this intensive computational work. Help reduce the load on the server and speed up the process which is very important in a microservice architecture like you have just shown.

The thing I love most about this video is how your shirt was custom made for this video. I would want *that* specific shirt. Kudos for going the extra mile! Also, nice job on the technical explanation too! ;-)

SSL termination is a process by which SSL-encrypted data traffic is decrypted (or offloaded). Servers with a secure socket layer (SSL) connection can simultaneously handle many connections or sessions. SSL termination helps speed the decryption process and reduces the processing burden on backend servers.

This is the reason I like IBM Technology explanation no such boring thing here.

SSL Termination, also known as “SSL Offloading”, is the process of decrypting SSL-encrypted traffic. The process of decrypting SSL-encrypted traffic is CPU intensive and can impact your application’s performance due to the additional processing required.

SSL termination is the decryption of encrypted traffic. Instead of relying on the web server to do this intense work it can be used to reduce the load and it also allows the webserver to focus on its core responsibilities

Amazingly explained, love the way it was. Thanks.

Nice video!! A secure socket layer (SSL) connection uses a certificate for authentication before sending encrypted data from a client computer to the web server.

Cool, videos, and very informative at the high level. very well presented. love it. thank you!!

Was really helpful to see it broken down on this your reverse see-through board.
Funny thing is the ‘API Gateway’ concept is actually the best analogy for the role I currently play in leading my Tech team - hahah.
The Human API Gateway Broker(H.A.G.B)

SSL is a security mechanism based on adding a trust certificate that helps to keep the endpoints secure. Not absolute security but it helps a lot

Very Nice & Simplified Presentation. Thanks for providing valuable topic.

API Gateway also can be used to make async request and responses. So that it can send ackw to requester and can use hook to write the response when it available as well. Is sort of type of socket by API Gatway can also be used.

SSL termination involves decrypting encrypted HTTPS traffic at a specific point, like a load balancer or reverse proxy, before sending it to backend servers. These relieve the backend servers from handling encryption tasks, enhancing performance, and simplifying certificate management.

daaamn these educators are what i wish i had in my college

hmm doesn't make sense, if you were going to perform another request for price + info without api gateway. what makes you NOT perform another request with an api gateway in the middle?

Servers with a secure socket layer (SSL) connection can simultaneously handle many connections or sessions. An SSL connection sends encrypted data between an end-user’s computer and web server by using a certificate for authentication. SSL termination helps speed the decryption process and reduces the processing burden on backend servers.

How did you improve client performance? You still have 5 roundtrips, just done by the API gateway instead of the client. Did you mean to say it's faster because the API Gateway sits closer to the microservices themselves?

SSL termination in API gateway is the gateway itself as the frontline facing client, having the SSL certificate and decrepting the request before passing to backend services. Noting that before passing to backend services, you may (optionally) choose another SSL (mTLS) to encrypt the transport between the gateway and your backend.

SSL termination (or SSL offloading) is the process of decrypting this encrypted traffic. Instead of relying upon the web server to do this computationally intensive work, you can use SSL termination to reduce the load on your servers, speed up the process, and allow the web server to focus on its core responsibility of delivering web content.

TLS termination proxy (or SSL termination proxy,[1] or SSL offloading[2]) is a proxy server that acts as an intermediary point between client and server applications, and is used to terminate and/or establish TLS (or DTLS) tunnels by decrypting and/or encrypting communications.

SSL termination works by intercepting encrypted traffic at the server receiving data from the SSL connection. It helps the server by decrypting and verifying the data on a different device so the server does not need to handle the process.

Great video for the API Gateway.
it would be wonderful if you can illustrate how load balander works with the API Gateway.

Thank you so much for this great video, liked!

Good presentation but it's missing the biggest deal in an API Gateway. The web-interface or any other user/API interface will not need to be concerned with the complexities of the backend services that are implemented. They are totally transparent to these applications and allows for further development and decommissioning of services without any impact on the end-clients.
To your SSL Termination question, the answer is in your own definition of an API Gateway. The decryption of encrypted data can be performed once and remove the burden from the backend services to deal with it. Since the security portion of the traffic is ensured in that enclosed ecosystem, there is no need to impose encryption/decryption to the processes.
The similar process is defined in a Kubernetes (containerization model) where internal traffic is simplified.

Interesting methodology ! many thanks

I've seen a load balancer placed in front of an API gateway. But, should we put one behind the gateway as well? Considering that the services may be horizontally scaled.

Great explanation!

SSL is secure socket layer , It is used to secure the data that is flow from the API to the client and Client to the API . By which we can achieve the security for the data from a malicious attack

SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers.

SSL Termination, Secure Socket Layer Termination, it work on OSI layer7 we decrypt handshake, for example if igress traffic is comings on port 443 we decrypt it then it will route on port 80. cryptography will happen at application load balancer.

Always interesting! Thx

Dude. You rock! Thanks man.

SSL termination means traffic will not be encrypted, between the load balancer or reverse proxy and the back-end server.

SL connection sends encrypted data between an end-user’s computer and web server by using a certificate for authentication. SSL termination helps speed the decryption process and reduces the processing burden on backend servers.

Excellent presentation

SSL termination describes the transition process when data traffic becomes encrypted and unencrypted. This happens at the server end of a secure socket layer (SSL) connection.

SSL termination is the process to establishing or terminating a connection between two application (usually client and server) by putting encryption/decryption.

Great video, thanks.

nice thanks for the knowledge

Just curious, how does an api gateway reduce latency? Isn't it an extra hop the request needs to go through?

you are performing all encryption and decryption at the edge of your network, such as at the load balancer. The load balancer strips away the encryption and passes the messages in the clear to your servers.

I understand that the gateway is practical to bundle requests and handle authentication and other things in one place, but how do prevent it from becoming a bottleneck for the scalability part? just multiple instances and clients being distributed to them either on connection or due to region? Does that mean there would be another gateway before to make that decision/assigment?

Awesome explanation

SSL Termination, also known as “SSL Offloading”, is the process of decrypting SSL-encrypted traffic

SSL termination is where we decrypt, encrypted traffic. Is beneficial to do on a hardware chip on your server, to offload the CPU on requets

SSL stands for Secure Socket Layer
it provides security to the data transferred between web browser and server

SSL ( Secure Socket Layer ) Termination : Process of decrypting encrypted traffic at API Gateway before passing it along to a web/other servers

Very informative 🙂

Is the API gateway behind a load balancer ?? When a user interacts does his/her request go to load balancer first or API gateway?

great video as always and thank you !
I just thinking out loud, is not SSL termination is against the zero trust architecture?

IBM has good teachers.

SSL stands for secure socket layer. Looking forward to collecting this catchy t-shirt after a year 🙂

great video. do you have anything on WSS or Squid?

SSL Termination happens when an incoming client https protocol can be translated by the API gateway and just convert to http protocol to communicate with the server.

SSL termination refers to the process of decrypting encrypted traffic before passing it along to a web server.

Ssl termination means authenticating the user requests within api gateway without going to microservices components.

Thank you!

What about SWARM for loadbalancing the API gateway ? instead of separating the api gateways for IOS/android, browser, etc... ?

SSL Termination in API GATEWAY terms is when API GATEWAY will accept incoming and send out going request in HTTPS to clients but the communication to server or Microservices is HTTP.

After write and build Api where can upload and run it over internet

Can anyone help with the order to watch this playlist? Beginner here

how do they do the reversed writing?🤔
Great video!

ssl termination reduces the load on web servers during data exchange, better for performance. but remember it done from an API gateway to a webserver instead of from client to server

If the system is going to expect heavy traffic due to the holiday season, and in this case, should we not add the smart load balancers.

Thank you.

SSL - Secure Sockets Layer. It’s an encryption-based Internet security protocol. 😊 I really would love to have this T-shirt. 🎉

Gracias

Very concise explanation..no noise. Thanks a lot! Could have offered couple of more Tshirts..I liked the tshirt comment 😁😁✌

I like those t-shirts and API's :)

Hmm...how can the client faster (Web app) via a centralise API Gateway I wonder.
Day1- Web app communicates to various microservices to constructs the Web pages
Day2- Web app communicates via the API Gateway. The API Gateway communicates to various microservices. Now the Gateway API becomes bottle neck.
I agree that the Gateway API will have provide authentication and secured data transport.
IoT jargon is included into the conversation and should not be as it is for another conversation whether Gateway API supports MQTT and/or CoAP/LwM2M/IPSO. I believe.
In general, I love IBM short conversations to explain various concepts.

SSL termination is the process of ending an encrypted SSL/TLS connection and passing unencrypted requests to a backend server. The SSL/TLS encryption is terminated at a designated point, usually a load balancer or a reverse proxy, and the unencrypted request is then sent to the backend server.
This approach is used in situations where it is not necessary to encrypt the entire end-to-end communication, or where the backend server is not capable of handling SSL/TLS encryption. By terminating the SSL/TLS connection at the load balancer or reverse proxy, the load on the backend server can be reduced, and performance can be improved.
However, it's important to consider the security implications of SSL termination, as unencrypted data is vulnerable to interception and tampering. Therefore, it's critical to secure the connection between the load balancer/reverse proxy and the backend server with appropriate network security measures.

6:37 "decrypt and offload the encrypted SSL data within the API Gateway" in what terms this offloads anything? offloads what from who?

Ok API gateways are amazing and awesome but how do you manage and implement your API gateway using the relevant tools, how do you make sure the API gateway is working properly, and how do you manage them, how don you make them highly available since everything from client side to backend side is going through them?
I'd sincerely appreciate it if one of the engineers from IBM could answer my question 🤓☺️

How does API Gateway handle a global/shared transaction between a few microservices? Let's say we want some functionalities of the Order Svc and the Inventory Svc to be part of a single transaction in the API Gateway that either succeeds and commits as a whole, or reverts all the changes from these microservices on error.

SSL termination is the process of decrypting encrypted data before sending it to the server, and then later it's encrypted again before sending it to the user.

SSL terminiation is the point that SSL session ends, and http session start from that point onwards.

removing the need for extra layer of security ?

Can you make this video once again in more depth, please !! 🙏🏻

Why all the text is hard to read? Can't even see where you've written API Gateway.

secure socket layer
used as data encryption based internet security protocol

SSL stands for Secure Socket Layer

please share link to buy the t-shirt. thanks.

SSL stands for Secure socket layer

Let's see if I get a t-shirt for that: SSL termination is when you remove your shoes before entering your house. Results in a smaller footprint of the "traffic" around rooms. Makes all holes in your socks exposed to everyone at home. Allows you to step an a lego and enjoy it for the rest of the evening.

Can someone answer what tool is used to make such a cool presentation?

SSL termination ---> removing 's' from http, the secure credential, that need not be authenticated. By this an additional effort is not needed for SSL handshake.