Customer Question:
Recently we had a new Org with 2 environments created.
Org: customer-org-dev
Environments: Prod and Test
These two environments were provisioned with the default Virtual Hosts: default and secure. We want to use our own cName instead of the customer-org-dev-prod.apigee.net and customer-org-test.apigee.net cNames.
What is the process change the cNames for each virtual host? What is needed to enable https for our own cNames?
Solved! Go to Solution.
EDIT - This is an outdated answer. This was current as of 2015. But now, in Apigee Edge, customers can configure their own CNAMEs.
https://docs.apigee.com/api-platform/fundamentals/virtual-hosts#abouthostaliasesanddnsnames
This is a two step process.
1. What we will need from you is the CNAME you want to use for each virtual host per environment. This is a change that is not self service. Please, provide the Virtual Host configuration as outlined in the example below through the Support Portal.
Example:
Organization | customer-org |
Environment | dev |
auto-provisioned hostname | customer-org-dev.apigee.net |
And also list the virtual hosts and the hostnames associated to each.
2. To enable https for dev.customer.com to use SSL for on port 443 we will need a key-store which contains a Private Key, Public Key, and CAchain for dev.customer.com. You can create this key-store and provide it to us via a secure method like GPG. Apigee Support can provide their GPG pubic key so you may securely send it to Apigee. Apigee Support can also generate the Private Key and provide you with a CSR to obtain a Public Key and CAchain which you can simply email to back to them.
EDIT - This is an outdated answer. This was current as of 2015. But now, in Apigee Edge, customers can configure their own CNAMEs.
https://docs.apigee.com/api-platform/fundamentals/virtual-hosts#abouthostaliasesanddnsnames
This is a two step process.
1. What we will need from you is the CNAME you want to use for each virtual host per environment. This is a change that is not self service. Please, provide the Virtual Host configuration as outlined in the example below through the Support Portal.
Example:
Organization | customer-org |
Environment | dev |
auto-provisioned hostname | customer-org-dev.apigee.net |
And also list the virtual hosts and the hostnames associated to each.
2. To enable https for dev.customer.com to use SSL for on port 443 we will need a key-store which contains a Private Key, Public Key, and CAchain for dev.customer.com. You can create this key-store and provide it to us via a secure method like GPG. Apigee Support can provide their GPG pubic key so you may securely send it to Apigee. Apigee Support can also generate the Private Key and provide you with a CSR to obtain a Public Key and CAchain which you can simply email to back to them.
Looks like this post should be updated...I tried to follow this process and the Apigee support folks are now saying that i need to create my own trust store, my own CSR request, and upload the certs myself. This is the exact text:
"I gather from earlier comments that you would required our help in generating CSR and private key. Due to various security reasons, Apigee prefers customers to generate the CSR, private key and get CA approved certs and then upload them to key store in Apigee Edge.
Please refer this community article for help on creating CSRs:
https://community.apigee.com/articles/2770/how-to-create-a-private-key-and-generate-a-csr.html
Once Private key is created and necessary public cert, intermediate and root certs are obtained, you can then upload it to keystore in your org referring to steps here:
http://docs.apigee.com/api-services/content/keystores-and-truststores
Once keystore is ready, I can go ahead and make necessary virtual host changes.
Please get back to me if you have any questions or concerns with this approach."
For doc on virtual hosts and custom domain names, see the doc here:
http://apigee.com/docs/api-services/content/virtual-hosts
For more on configuring SSL, see:
http://apigee.com/docs/api-services/content/configuring-ssl-cloud-based-edge-installation
Stephen
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |