This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

SSL request

Posted on 04-28-2016 01:34 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi, I want to make request to end point which requires SSL certificate to establish connection. How can I add to my request(target endpoint) my ssl certificate. Which topics should I read?

Solved Solved
0 4 375
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
sonali_somase
New Member
Reply posted on --/--/---- --:-- AM

Hi you need to create Keystore on apigee and add certificate to it. Read more about SSL with apigee here

View solution in original post

Jump to Solution
4 REPLIES 4

Posted on --/--/---- --:-- AM
sonali_somase
New Member
Reply posted on --/--/---- --:-- AM

Hi you need to create Keystore on apigee and add certificate to it. Read more about SSL with apigee here

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to sonali_somase
Reply posted on --/--/---- --:-- AM

Hi again. I read everything, but have two issues now.

1) I have only crt file, not .pem. Can I handle crt file via apigee or should manually convert it to PEM.

2) What is a key file? I don't have any key file. I suppose it is not required, but it's required. Where can I get it?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
sonali_somase
New Member
In response to
Reply posted on --/--/---- --:-- AM

Hi, Apigee currently supports PEM or DER file format. Key is public key associate with your client certificate, you get it from certificate authority.

You can request these to certificate provider or use opensssl commands for getting the certificate and key into .pem format using existing crt format certificate.

Make sure you key.pem file starts with -----BEGIN ENCRYPTED PRIVATE KEY----- else you will need to convert that also.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to sonali_somase
Reply posted on --/--/---- --:-- AM

So okay now I have der file which contains(open via openssl):

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:9b:71:c1:9b:53
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: Issuer
        Validity
            Not Before: Apr 12 10:40:42 2016 GMT
            Not After : May 12 10:40:42 2017 GMT
        Subject: Subject
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e5:56:2c:74:6c:d7:00:82:5f:f6:9e:a0:3a:f4:
                    4a:e2:b9:ef:35:70:7e:c6:e5:09:27:f4:bb:f0:3a:
                    94:7b:ec:d5:fa:68:08:a8:a8:d1:ff:57:ff:40:83:
                    9f:5e:c9:33:a0:74:c8:bb:4a:4b:24:0c:9f:cc:d9:
                    ab:63:04:0c:fe:b2:52:90:82:12:f2:bb:23:67:38:
                    e0:b4:85:07:c0:54:42:ce:ad:75:ee:ed:5c:a3:35:
                    30:30:8b:61:0b:44:6b:94:a5:da:f6:52:03:10:1a:
                    a2:d2:73:a2:91:e2:f0:d9:f4:a8:b7:bb:15:6c:bc:
                    70:00:41:de:d9:0c:a9:74:80:59:a0:9c:43:bf:0f:
                    47:c7:90:ab:30:e6:cc:dc:3e:2d:10:38:41:8a:cc:
                    3d:22:e2:fa:cc:83:4c:ae:86:c2:e5:06:21:f4:7f
                  
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:51:3A:3C:57:50:50:A1:B4:54:52:EA:0F:36
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier:
                keyid:88:27:17:09:A9:B6:18:60:8B:EC:EB:BA:F6
            X509v3 Certificate Policies:
                Policy: 1.2.840.113635.100.5.1
                  User Notice:
                    Explicit Text: Reliance on this certificate by any party ass                                                           umes acceptance of the then applicable standard terms and conditions of use, cer                                                           tificate policy and certification practice statements.
                  CPS: http://www.apple.com/certificateauthority
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:http://crl.apple.com/wwdrca.crl
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage:
                TLS Web Client Authentication
            1.2.840.113635.100.6.3.1:
                ..
            1.2.840.113635.100.6.3.2:
                ..
            1.2.840.113635.100.6.3.6:
                0g..com.tungsten.iss0...app..com.tungsten.iss.voip0...voip..com.                                                           tungsten.iss.complication0...complication
    Signature Algorithm: sha256WithRSAEncryption
        b0:a5:6a:a5:ec:10:2f:81:c7:e8:78:0f:c9:f8:9b:8e:0a:c9:
        9e:ae:3b:a2:8b:b8:78:05:06:53:81:8e:78:d3:16:77:88:86:
        77:ad:3c:70:c8:a3:1c:4d:de:4d:ad:a1:fd:c7:54:74:a4:56:
        80:47:51:15:ba:e4:2e:51:d8:b5:35:de:d8:5c:1b:53:f9:53:
        e3:38:03:87:0a:d2:73:8f:62:eb:14:df:f3:45:0b:c5:dc:0c:
        81:8a:9a:59:bc:14:dc:66:b0:e9:4f:f7:22:f2:2a:f9:c6:0e:
        d6:d2:42:33:1a:3d:16:a6:c4:e3:74:26:c6:70:4f:59:c8:4b:
        c5:2a:91:d7:cc:05:c4:7c:b9:fd:4f:bd:16:b1:32:22:69:dd:
        08:4f:27:45:10:df:02:50:28:3d:2e:bc:08:4c:0a:b9:4d:e7:
        98:c0:95:56:4b:71:94:b9:2c:a7:09:ae:b7:05:10:6a:96:b0:
        ac:45:40:5d:6a:9b:a3:ff:eb:d4:3e:1f:65:41:0b:ad:27:1e
<br>

Does it consist key? if yes, how can I separate this file into certificate and key files?

Jump to Solution
0 Likes