This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Virtual Host Creation Error (On-prem) - Invalid keyalias reference

Posted on 12-10-2018 02:16 PM
nagashree_b
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

I have created a Keystore by name TestKeyStore and a Key alias with the same name (keystores-config.jpg

) and added the certificate. I tested the keystore configuration as well.(keystore-test-result.jpg) I am trying to setup a virtual host (on prem apigee 4.18.05) with the below configuration using the management API and I see the below error Invalid KeyAlias Reference

<VirtualHost name="secure">
    <HostAliases>
        <HostAlias>my-apigee.net:443</HostAlias>
    </HostAliases>
    <Port>443</Port>
    <SSLInfo>
        <Enabled>true</Enabled>
        <ClientAuthEnabled>false</ClientAuthEnabled>
        <KeyStore>TestKeyStore</KeyStore>
        <KeyAlias>TestKeyStore</KeyAlias>
    </SSLInfo>
</VirtualHost>

Error Response:

{
    "code": "messaging.config.beans.InvalidKeyAliasReferenceInVirtualHost",
    "message": "VirtualHost secure has invalid keyalias reference TestKeyStore. Context Organization:xxxxx;Environment:sandbox",
    "contexts": []
}

@Anil Sagar @ Google Any pointers on what could be wrong here

0 5 641
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
sidd-harth
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Double check the keyAlias?

curl -X GET "http://<ms-IP>:8080/v1/organizations/{org-name}/environments/{env-name}/keystores/{keystore_name}/aliases -u orgAdminEmail:password
0 Likes

Posted on --/--/---- --:-- AM
nagashree_b
Silver 5
Silver 5
In response to sidd-harth
Reply posted on --/--/---- --:-- AM

Yes I have checked that. It lists the alias. Here is the output

[
    "TestKeyStore",
    "TestKeyStore2"
]
0 Likes

Posted on --/--/---- --:-- AM
nagashree_b
Silver 5
Silver 5
In response to nagashree_b
Reply posted on --/--/---- --:-- AM

@Dino-at-Google, @Anil Sagar @ Google - I couldn't get further information on this error in the Apigee docs. Appreciate if you could help me identify the cause for this issue. Thanks!

0 Likes

Posted on --/--/---- --:-- AM
rohanrao
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi

Certificate is missing key file. Cerificate should contain chain and key file. I also face same issue. Resolved by adding key file.

You can refer doc:

https://docs.apigee.com/api-platform/troubleshoot/integrated-portal/integrated-portal-invalid-virtua...

0 Likes

Posted on --/--/---- --:-- AM
API-Evangelist
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Start following https://docs.apigee.com/api-platform/fundamentals/configuring-virtual-hosts#definingavirtualhostforo... document & go step by step. Make sure to use reference - https://docs.apigee.com/api-platform/system-administration/working-references

<VirtualHost name="myTLSVHost">
    <HostAliases>
        <HostAlias>api.myCompany.com</HostAlias>
    </HostAliases>
    <Port>443</Port>
    <SSLInfo>
        <Enabled>true</Enabled>
        <ClientAuthEnabled>false</ClientAuthEnabled>
        <KeyStore>ref://myTestKeystoreRef</KeyStore>
        <KeyAlias>myKeyAlias</KeyAlias>
    </SSLInfo>
</VirtualHost>

 

Make sure to validate keystore using the management api - https://apidocs.apigee.com/docs/keystores-and-truststores/1/overview if your setup is clean or not.

Final validation you can do is to login to router server

cd /opt/nginx/conf.d

you will find all virtual host related information.

VirtualHost setup is little interesting if you are new but following the document will help. There are new additional cautions in the docs which will help the reader..

good luck.

0 Likes