As per Apigee documentation, I have created truststore for making backend calls over HTTPs and configured it in my service call out policy as mentioned below. I could see the trust store under Admin --> TLS Certificates from Edge UI. But getting an error "unexpected validation error null" while deploying the proxy. Looks like RMP node doesn't recognize the trust store. I have performed the creation of trust store on Management Server node assuming it will reflect to all the components. Do I need to perform the same on all RMP nodes? Pls help?
Note: I am using Apigee on-prem instance.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ServiceCallout name="SC-Call-To-Source" enabled="true" continueOnError="false" async="false"> <DisplayName>SC-Call-To-Source</DisplayName> <Properties/> <Request variable="request" clearPayload="true"> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <Set> <Path>test/test</Path> </Set> </Request> <Response>response</Response> <HTTPTargetConnection> <Properties/> <URL>https://example.com</URL> <SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>true</ClientAuthEnabled> <TrustStore>ref://truststoreref</TrustStore> </SSLInfo> </HTTPTargetConnection> </ServiceCallout>
Assuming you have followed the steps correctly. If not, please verify your steps as mentioned here.
Also in your HTTPTargetConnection - just provide the trust store name. In your case
<TrustStore>truststoreref</TrustStore>
Hope this helps
@Sai Saran Vaidyanathan, as I am using trsutstore reference, configured it like that. I have followed the same steps as described in the Apigee provided document. Here are the steps:
As mentioned in my earlier post, I have created truststore on Management Server node only. Do I need to create the same on each RMP node as they are installed on different nodes?
http://docs.apigee.com/api-services/content/creating-virtual-host
Hi @Mahammad Feroz, The above should work just fine but I have noticed sometimes that you may have to restart your rmps for the truststore changes to considered.
BTW do you see any .bad files in your /opt/nginx/conf.d?
User | Count |
---|---|
7 | |
2 | |
2 | |
1 | |
1 |