This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to add/remove Protocols on Apigee VirtualHosts

on ‎02-19-2015 01:45 PM

atoombs
Staff
3 1 1,159

To update VirtualHosts (for example, to remove the availability of SSLv3), you will need to first GET the existing configuration from Management API. Then, you can edit and POST it back to the Management API.

For this example, we are using XML, but you could easily modify this if you prefer JSON.

First, GET the existing configuration:

curl -u $USERID:$PASSWORD -X GET "http://MANAGEMENT_HOST:MANAGEMENT_PORT/v1/o/ORG/e/ENV/virtualhosts/secure" -H "Accept: application/xml"

Then, save the XML to a file (for example, "/tmp/ORG-ENV-secure.xml") to specify only the TLSv1 Protocol. Below is a sample:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VirtualHost name="secure">
    <HostAliases>
        <HostAlias>myorg.test.com</HostAlias>
    </HostAliases>
    <Interfaces/>
    <Port>443</Port>
    <SSLInfo>
        <Ciphers/>
        <ClientAuthEnabled>false</ClientAuthEnabled>
        <Enabled>true</Enabled>
        <IgnoreValidationErrors>false</IgnoreValidationErrors>
        <KeyAlias>freetrial</KeyAlias>
        <KeyStore>freetrial</KeyStore>
        <Protocols>
            <Protocol>TLSv1</Protocol>
        </Protocols>
    </SSLInfo>
</VirtualHost>

Then, POST the XML back to the Management API:

curl -u $USERID:$PASSWORD -X POST http://MANAGEMENT_HOST:MANAGEMENT_PORT/v1/o/ORG/e/ENV/virtualhosts/secure -H "content-type: application/xml" -d @/tmp/ORG-ENV-secure.xml

Repeat the first command after the POST, to ensure the configuration has been updated.

Topic Labels
Comments
akashtp
Staff
‎06-07-2016 03:15 AM

@Alex Toombs Is there any impact to the system if we disable the any protocols on relevant hosts?

Version history
Last update:
‎02-19-2015 01:45 PM
Updated by: