7.2 Configuring SSL in Access Gateway

You can configure Access Gateway to use SSL in its connections to Embedded Service Provider (ESP), browsers, and its web servers.

Enable SSL with ESP: To encrypt the data exchanged for authentication over the communication channel between Identity Server and Access Gateway. This option is available only for the reverse proxy that has been assigned to perform authentication.

If you enable SSL between browsers and Access Gateway, this option is automatically selected. You can enable SSL with the ESP without enabling SSL between Access Gateway and browsers. In that configuration, the authentication and identity information that Access Gateway and Identity Server exchange uses a secure channel, but the data that Access Gateway retrieves from the back-end web servers and sends to users uses a non-secure channel. This saves processing overhead if the data on web servers is not sensitive.

Enable SSL between Browser and Access Gateway: To configure SSL connections between your clients and Access Gateway. SSL must be configured between browsers and Access Gateway before you can configure SSL between Access Gateway and web servers.

Redirect Requests from Non-Secure Port to Secure Port: To determine whether browsers are redirected to a secure port and allowed to establish an SSL connection. If this option is not selected, browsers that connect to the non-secure port are denied service.

This option is only available if you have selected Enable SSL with Embedded Service Provider.

For information about how to enable SSL with ESP and how to redirect requests from a non-secure port to a secure port, see Enabling SSL between Browsers and Access Gateway.