This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to setup cNames for new orgs and environments

Posted on 02-17-2015 01:49 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Customer Question:

Recently we had a new Org with 2 environments created.

Org: customer-org-dev

Environments: Prod and Test

These two environments were provisioned with the default Virtual Hosts: default and secure. We want to use our own cName instead of the customer-org-dev-prod.apigee.net and customer-org-test.apigee.net cNames.

What is the process change the cNames for each virtual host? What is needed to enable https for our own cNames?

Solved Solved
1 3 1,309
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

EDIT - This is an outdated answer. This was current as of 2015. But now, in Apigee Edge, customers can configure their own CNAMEs.
https://docs.apigee.com/api-platform/fundamentals/virtual-hosts#abouthostaliasesanddnsnames

This is a two step process.

1. What we will need from you is the CNAME you want to use for each virtual host per environment. This is a change that is not self service. Please, provide the Virtual Host configuration as outlined in the example below through the Support Portal.

Example:

Organization customer-org
Environment dev
auto-provisioned hostname customer-org-dev.apigee.net

And also list the virtual hosts and the hostnames associated to each.

2. To enable https for dev.customer.com to use SSL for on port 443 we will need a key-store which contains a Private Key, Public Key, and CAchain for dev.customer.com. You can create this key-store and provide it to us via a secure method like GPG. Apigee Support can provide their GPG pubic key so you may securely send it to Apigee. Apigee Support can also generate the Private Key and provide you with a CSR to obtain a Public Key and CAchain which you can simply email to back to them.

View solution in original post

Jump to Solution
3 REPLIES 3

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

EDIT - This is an outdated answer. This was current as of 2015. But now, in Apigee Edge, customers can configure their own CNAMEs.
https://docs.apigee.com/api-platform/fundamentals/virtual-hosts#abouthostaliasesanddnsnames

This is a two step process.

1. What we will need from you is the CNAME you want to use for each virtual host per environment. This is a change that is not self service. Please, provide the Virtual Host configuration as outlined in the example below through the Support Portal.

Example:

Organization customer-org
Environment dev
auto-provisioned hostname customer-org-dev.apigee.net

And also list the virtual hosts and the hostnames associated to each.

2. To enable https for dev.customer.com to use SSL for on port 443 we will need a key-store which contains a Private Key, Public Key, and CAchain for dev.customer.com. You can create this key-store and provide it to us via a secure method like GPG. Apigee Support can provide their GPG pubic key so you may securely send it to Apigee. Apigee Support can also generate the Private Key and provide you with a CSR to obtain a Public Key and CAchain which you can simply email to back to them.

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Looks like this post should be updated...I tried to follow this process and the Apigee support folks are now saying that i need to create my own trust store, my own CSR request, and upload the certs myself. This is the exact text:

"I gather from earlier comments that you would required our help in generating CSR and private key. Due to various security reasons, Apigee prefers customers to generate the CSR, private key and get CA approved certs and then upload them to key store in Apigee Edge.

Please refer this community article for help on creating CSRs:

https://community.apigee.com/articles/2770/how-to-create-a-private-key-and-generate-a-csr.html

Once Private key is created and necessary public cert, intermediate and root certs are obtained, you can then upload it to keystore in your org referring to steps here:

http://docs.apigee.com/api-services/content/keystores-and-truststores

http://docs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/environments/%7Benv_name%7D...

Once keystore is ready, I can go ahead and make necessary virtual host changes.

Please get back to me if you have any questions or concerns with this approach."

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
sgilson
New Member
Reply posted on --/--/---- --:-- AM

For doc on virtual hosts and custom domain names, see the doc here:

http://apigee.com/docs/api-services/content/virtual-hosts

For more on configuring SSL, see:

http://apigee.com/docs/api-services/content/configuring-ssl-cloud-based-edge-installation

Stephen

Jump to Solution
0 Likes