Hi there,
We are trying to enable OCSP stapling for our virtual host on Cloud Apigee solution.
As it is stated here:
https://docs.apigee.com/api-platform/fundamentals/virtual-host-property-reference
the parameter name should be OCSPStapling and value on.
We are trying to update a current virtual host using the management API:
But nothing happens. No OCSPStapling attribute is added to the virtual host entity, we are getting the same entity without change.
Are we doing something incorrectly or there is something wrong with the API?
How to enable OSCP Stapling to current virtual host ?
thanks.
We are trying to update a current virtual host using the management API:...
But nothing happens. No OCSPStapling attribute is added to the virtual host entity, we are getting the same entity without change.
In some cases the Mgmt API will accept and ignore rubbish JSON properties. So if you pass "rubbish" : "anything"
as one of the JSON properties, the Mgmt API will just ignore that.
The VirtualHost properties reference shows this:
<VirtualHost name="vhostName"> <Port>portNumber</Port> <BaseUrl>http://myCo.com</BaseUrl> <OCSPStapling>off|on</OCSPStapling> ...
But, that's XML. Are you using XML or JSON? In the case of JSON, you need to lowercase the first letter of each property, like this:
{ "name": "vhostName", "port": "443", "oCSPStapling" : "on", ...
That may not be intuitive.
This works for me.
$ curl -n -i -X POST /v1 /o/ ORG /e /ENV /virtualhosts \ -H content-type:application/json -d ' { "hostAliases" : [ "test.dinochiesa.net" ], "interfaces" : [ ], "listenOptions" : [ ], "name" : "dinochiesa", "port" : "443", "retryOptions" : [ ], "sSLInfo" : { "ciphers" : [ ], "clientAuthEnabled" : "false", "enabled" : "true", "ignoreValidationErrors" : false, "protocols" : [ ] }, "useBuiltInFreeTrialCert" : true } ' HTTP/1.1 201 Created Access-Control-Allow-Headers: origin, x-requested-with, accept Access-Control-Allow-Methods: GET, PUT, POST, DELETE Access-Control-Allow-Origin: * Access-Control-Max-Age: 3628800 Content-Type: application/json Date: Tue, 22 Sep 2020 17:56:04 GMT Server: Apigee LB Content-Length: 358 Connection: keep-alive { "hostAliases" : [ "test.dinochiesa.net" ], "interfaces" : [ ], "listenOptions" : [ ], "name" : "dinochiesa", "port" : "443", "retryOptions" : [ ], "sSLInfo" : { "ciphers" : [ ], "clientAuthEnabled" : "false", "enabled" : "true", "ignoreValidationErrors" : false, "protocols" : [ ] }, "useBuiltInFreeTrialCert" : true }
Followed by
curl -n -i -X PUT /v1 /o /ORG /e /ENV /virtualhosts /dinochiesa \ -H content-type:application/json -d ' { "hostAliases" : [ "test.dinochiesa.net" ], "interfaces" : [ ], "oCSPStapling" : "on", "listenOptions" : [ ], "name" : "dinochiesa", "port" : "443", "retryOptions" : [ ], "sSLInfo" : { "ciphers" : [ ], "clientAuthEnabled" : "false", "enabled" : "true", "ignoreValidationErrors" : false, "protocols" : [ ] }, "useBuiltInFreeTrialCert" : true } ' HTTP/1.1 200 OK Access-Control-Allow-Headers: origin, x-requested-with, accept Access-Control-Allow-Methods: GET, PUT, POST, DELETE Access-Control-Allow-Origin: * Access-Control-Max-Age: 3628800 Content-Type: application/json Date: Tue, 22 Sep 2020 17:56:58 GMT Server: Apigee LB Content-Length: 383 Connection: keep-alive { "hostAliases" : [ "test.dinochiesa.net" ], "interfaces" : [ ], "listenOptions" : [ ], "name" : "dinochiesa", "oCSPStapling" : "on", "port" : "443", "retryOptions" : [ ], "sSLInfo" : { "ciphers" : [ ], "clientAuthEnabled" : "false", "enabled" : "true", "ignoreValidationErrors" : false, "protocols" : [ ] }, "useBuiltInFreeTrialCert" : true }
If that doesn't solve the problem, then can you please show in detail the management API you are using, including the URL, headers, and payload? Make sure to omit or mask private information, including your credentials.
Thanks Dino. It works now.
We were trying to PUT JSON with Capital letter.