Can I use a variable for the value of KeyStore and KeyAlias in SSLInfo?

I'm getting validation errors when trying to use {...} style variables or ref attributes. We have need to dynamically set the values for these based on the developer app accessing the proxy (using custom attributes specified in the developer app). I've read in another thread that this isn't possible in Javascript.

2 6 776
6 REPLIES 6

Not applicable

Hi @Ryan.Aviles,

I do not think you can pass a variable for the SSL info.

What is the usecase, that needs the keystore to be be dynamic?

You can add multiple certs to the same trust store and use it in the SSL info, if you are looking for a mutual SSL usecase.

Not applicable

Adding multiple certs to the trust store is not an issue. You can do that Today. But the trust store name will remain the same.

Not applicable

Hmm, Interesting usecase Ryan. Let me think about it.

Meanwhile, i suggest the following workaround...

1. Create mulitple target endpoints - one for each key alias in your truststore.

2. Route the request based on the developer app to appropriate endpoint.

Let me know if you are already using this approach.

There is another customer who wants to be able to dynamically assign a keystore/truststore that will be used for SSL at the target endpoint.

His usecase is as follows:

a) handle different types of endpoints and service providers

b) use different client certificate for different endpoints

c) have different truststore for each endpoint with appropriate CA certificates, so that he can trust specific certificates for a given endpoint

Currently we cannot use the variables for any of the attributes within SSLInfo. Our Engineering team is working towards implementing this feature in a future release.

You can follow up on the availability of this feature at http://apigee.com/docs/release-notes/content/apigee-release-notes

Dear @Ryan.Aviles,

You can now set the SSLInfo settings dynamically through variables with the help of the new feature introduced in the latest version of Edge for Cloud. Refer to more details about this in the section "SSLInfo variables in TargetEndpoint configurations" in the Releases Notes.

Regards,

Amar