Accessing Keystores and Certificate files

Not applicable

I have a requirement to digitally sign a XML message. I was trying to use a Java Callout policy to make use of a custom java code for signing the message. But the challenge is how do I access the private and the public keys from my java code?

I went through some of the posts in the community where it says that Apigee does not allow access to files due to security reasons. I wanted to make sure whether this is correct. If so, is there no other way we can sign messages in Apigee? SAML is not an option for me.

Please advise.

0 1 313
1 REPLY 1

Not applicable

Hi @Satyanarayan Mukherjee

Apigee does not provide access to private key for obvious security reasons. I assume you need access to that. You can package your own signing private key in something like secure vault provided by Apigee http://apigee.com/docs/api-services/content/using...

Check if this options works for you.