I use a Service Callout policy in my proxy and need to define SSL Info. Where can I locate the required key alias? I need it to populate the Key Alias element shown below -
<SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>true</ClientAuthEnabled> <KeyStore>myKeystore</KeyStore> <KeyAlias>myKey</KeyAlias> <TrustStore>myTrustStore</TrustStore> </SSLInfo>
Answer by arghya das · Apr 20, 2016 at 01:10 AM
Here's the call:
This call would return you a response like this:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <KeyStore name="freetrial"> <Certs> <Cert>freetrial-cert</Cert> </Certs> <Keys> <Key>freetrial</Key> </Keys> </KeyStore>
The keyalias would be the value of the <Key> element, in this case "freetrial". If there are multiple keys, you will see each of the key aliases.
Answer by Alex Toombs · Jan 18, 2016 at 05:05 PM
Hi @Eskinder,
Do you need the Service Callout to use 2-way SSL (aka Client-SSL), or is the endpoint hosting a self-signed certificate?
If there are no special Client-SSL or certificate trust requirements, then there should be no special SSLInfo config needed.
If you need special SSL config, your Service Callout policy would need the SSLInfo section populated, for example:
<HTTPTargetConnection> <Properties/> <URL>http://example.com</URL> <SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>true</ClientAuthEnabled> <KeyStore>myKeystore</KeyStore> <KeyAlias>myKey</KeyAlias> <TrustStore>myTrustStore</TrustStore> </SSLInfo> </HTTPTargetConnection>
More information on this can be found here.
I hope this helps. Thanks!
Hi @Alex, yes I want to use 2-way SSL. Where do I retrieve the key alias to populate the KeyAlias element? I understand the format of the SSL config as I indicated in the original question. Thanks!
Hi!,
I have the same question, can you please help where i can we get the key alias value.
Node.JS Error: Hostname/IP doesn't match certificate's altnames 1 Answer
Is there a way to specify SSLInfo on an LDAP resource? 1 Answer
lookup cache is not working as expected 1 Answer
Regarding 2 way TLS configuration in APIGEE with backend application 1 Answer
Aggregating Raise Fault policies in a single Service Callout policy 1 Answer