{ Community }
  • Academy
  • Docs
  • Developers
  • Resources
    • Community Articles
    • Apigee on GitHub
    • Code Samples
    • Videos & eBooks
    • Accelerator Methodology
  • Support
  • Ask a Question
  • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Adapter for Envoy
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • 日本語コミュニティ
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Topics
    • Questions
    • Articles
    • Ideas
    • Leaderboard
    • Badges
  • Log in
  • Sign up

Get answers, ideas, and support from the Apigee Community

  • Home /
  • Edge/API Management /
avatar image
0
Question by Eskinder · Jan 14, 2016 at 04:13 PM · 1.4k Views api proxysslservice calloutsslinfo

How to retrieve key alias for SSL Info in Service Callout

I use a Service Callout policy in my proxy and need to define SSL Info. Where can I locate the required key alias? I need it to populate the Key Alias element shown below -

<SSLInfo>
  <Enabled>true</Enabled>
  <ClientAuthEnabled>true</ClientAuthEnabled>
  <KeyStore>myKeystore</KeyStore>
  <KeyAlias>myKey</KeyAlias>
  <TrustStore>myTrustStore</TrustStore>
</SSLInfo>
Comment
Add comment
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Close

2 Answers

  • Sort: 
avatar image
1

Answer by arghya das · Apr 20, 2016 at 01:10 AM

@Riaz Mohammed

Here's the call:

This call would return you a response like this:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<KeyStore name="freetrial">
    <Certs>
        <Cert>freetrial-cert</Cert>
    </Certs>
    <Keys>
        <Key>freetrial</Key>
    </Keys>
</KeyStore>

The keyalias would be the value of the <Key> element, in this case "freetrial". If there are multiple keys, you will see each of the key aliases.

Comment
Add comment · Link
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image
0

Answer by Alex Toombs · Jan 18, 2016 at 05:05 PM

Hi @Eskinder,

Do you need the Service Callout to use 2-way SSL (aka Client-SSL), or is the endpoint hosting a self-signed certificate?

If there are no special Client-SSL or certificate trust requirements, then there should be no special SSLInfo config needed.

If you need special SSL config, your Service Callout policy would need the SSLInfo section populated, for example:

<HTTPTargetConnection>
	<Properties/>
	<URL>http://example.com</URL>
	<SSLInfo>
		<Enabled>true</Enabled>
		<ClientAuthEnabled>true</ClientAuthEnabled>
		<KeyStore>myKeystore</KeyStore>
		<KeyAlias>myKey</KeyAlias>
		<TrustStore>myTrustStore</TrustStore> 
	</SSLInfo>
</HTTPTargetConnection>

More information on this can be found here.

I hope this helps. Thanks!

Comment
Add comment Show 2 · Link
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Eskinder · Jan 18, 2016 at 05:10 PM 0
Link

Hi @Alex, yes I want to use 2-way SSL. Where do I retrieve the key alias to populate the KeyAlias element? I understand the format of the SSL config as I indicated in the original question. Thanks!

avatar image Riaz Mohammed Eskinder · Apr 19, 2016 at 10:01 PM 0
Link

Hi!,

I have the same question, can you please help where i can we get the key alias value.

Follow this Question

Answers Answers and Comments

34 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Node.JS Error: Hostname/IP doesn't match certificate's altnames 1 Answer

Is there a way to specify SSLInfo on an LDAP resource? 1 Answer

lookup cache is not working as expected 1 Answer

Regarding 2 way TLS configuration in APIGEE with backend application 1 Answer

Aggregating Raise Fault policies in a single Service Callout policy 1 Answer

  • Products
    • Edge - APIs
    • Insights - Big Data
    • Plans
  • Developers
    • Overview
    • Documentation
  • Resources
    • Overview
    • Blog
    • Apigee Institute
    • Academy
    • Documentation
  • Company
    • Overview
    • Press
    • Customers
    • Partners
    • Team
    • Events
    • Careers
    • Contact Us
  • Support
    • Support Overview
    • Documentation
    • Status
    • Edge Support Portal
    • Privacy Policy
    • Terms & Conditions
© 2021 Apigee Corp. All rights reserved. - Apigee Community Terms of Use - Powered by AnswerHub
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Create an article
  • Post an idea
  • Spaces
  • Product Announcements
  • General
  • Edge/API Management
  • Developer Portal (Drupal-based)
  • Developer Portal (Integrated)
  • API Design
  • APIM on Istio
  • Extensions
  • Business of APIs
  • Academy/Certification
  • Adapter for Envoy
  • Analytics
  • Events
  • Hybrid
  • Integration (AWS, PCF, Etc.)
  • Microgateway
  • Monetization
  • Private Cloud Deployment
  • 日本語コミュニティ
  • Insights
  • IoT Apigee Link
  • BaaS/Usergrid
  • BaaS Transition/Migration
  • Apigee-127
  • New Customers
  • Explore
  • Topics
  • Questions
  • Articles
  • Ideas
  • Badges