We are getting the following error for the APIs after we uploading a new certificate to the truststore.
"Unable to identify proxy for host: <org>-<env>.apigee.net:443 and url: \/v1/\/count"
It happens with many of the API proxies. We've tried re-deploying them, but still getting the same error.
The truststore details are as shown below:
{ "certs": [ "mystore-cert", "mystore" ], "keys": [ "mystore" ], "name": "myTruststore" }
Solved! Go to Solution.
1. Checked the Message Processor and noticed that Message Processor was unable to load the specific environment of the org due to the following error:
2017-11-01 03:28:47,560 pool-21-thread-7 ERROR MESSAGING.RUNTIME - AbstractConfigurator.propagateEvent() : Error while handling the update for the Configurator com.apigee.kernel.exceptions.spi.UncheckedException: Failed to add certificate : mystore in key store : myTruststore in environment : dev at com.apigee.entities.configurators.KeyStore.setCertificateEntry(KeyStore.java:156) ~[config-entities-1.0.0.jar:na] at com.apigee.entities.configurators.KeyStore.handleUpdate(KeyStore.java:101) ~[config-entities-1.0.0.jar:na] ... Caused by: java.security.KeyStoreException: Cannot overwrite secret key at com.sun.crypto.provider.JceKeyStore.engineSetCertificateEntry(JceKeyStore.java:354) ~[sunjce_provider.jar:1.8.0_144] at java.security.KeyStore.setCertificateEntry(KeyStore.java:1201) ~[na:1.8.0_144] at com.apigee.entities.configurators.KeyStore.setCertificateEntry(KeyStore.java:153) ~[config-entities-1.0.0.jar:na] ... 20 common frames omitted 2017-11-01 03:28:47,562 pool-21-thread-7 ERROR MESSAGING.RUNTIME - AbstractConfigurator.rollbackTransaction() : Error in processing the changes : Unknown resource type cert
2. The Java exception "java.security.KeyStoreException: Cannot overwrite secret key" is thrown if the new certificate "mystore" that was added to the truststore "myTruststore" is not identified as a trusted certificate by the keyalias that already exists.
3. Removed the certificate "mystore" from the truststore.
4. Restarted the Message Processors.
5. The environments were loaded properly and was able to run the APIs again.
6. As far as the new certificate was concerned, we got the proper certificate and uploaded to a new truststore.
1. Checked the Message Processor and noticed that Message Processor was unable to load the specific environment of the org due to the following error:
2017-11-01 03:28:47,560 pool-21-thread-7 ERROR MESSAGING.RUNTIME - AbstractConfigurator.propagateEvent() : Error while handling the update for the Configurator com.apigee.kernel.exceptions.spi.UncheckedException: Failed to add certificate : mystore in key store : myTruststore in environment : dev at com.apigee.entities.configurators.KeyStore.setCertificateEntry(KeyStore.java:156) ~[config-entities-1.0.0.jar:na] at com.apigee.entities.configurators.KeyStore.handleUpdate(KeyStore.java:101) ~[config-entities-1.0.0.jar:na] ... Caused by: java.security.KeyStoreException: Cannot overwrite secret key at com.sun.crypto.provider.JceKeyStore.engineSetCertificateEntry(JceKeyStore.java:354) ~[sunjce_provider.jar:1.8.0_144] at java.security.KeyStore.setCertificateEntry(KeyStore.java:1201) ~[na:1.8.0_144] at com.apigee.entities.configurators.KeyStore.setCertificateEntry(KeyStore.java:153) ~[config-entities-1.0.0.jar:na] ... 20 common frames omitted 2017-11-01 03:28:47,562 pool-21-thread-7 ERROR MESSAGING.RUNTIME - AbstractConfigurator.rollbackTransaction() : Error in processing the changes : Unknown resource type cert
2. The Java exception "java.security.KeyStoreException: Cannot overwrite secret key" is thrown if the new certificate "mystore" that was added to the truststore "myTruststore" is not identified as a trusted certificate by the keyalias that already exists.
3. Removed the certificate "mystore" from the truststore.
4. Restarted the Message Processors.
5. The environments were loaded properly and was able to run the APIs again.
6. As far as the new certificate was concerned, we got the proper certificate and uploaded to a new truststore.
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |