We want to have following security settings for our on-premise environment:
Client to APIGEE Edge---> Two way SSL
APIGEE Edge to Target backend--> No SSL (Plain HTTP)
Please help me how to configure as above.
Hi @Ajmal Hussain, In your scenario, the client is going to call the API proxies deployed in APigee. A virtual host also defines whether the API proxy is accessed by using the HTTP protocol, or by the encrypted HTTPS protocol that uses TLS. When configuring a virtual host to use HTTPS and TLS, you create a virtual host on Edge and configure the virtual host to use a keystore and truststore.
Did you check out the docs?
https://docs.apigee.com/api-platform/system-administration/creating-virtual-host
Dear @Siddharth Barahalikar, Many thanks for a prompt reply.
I looked into the given documents but a slight confusion is that how can I modify the existing virtual host with the below configurations:
<VirtualHostname="myTLSVHost"><HostAliases> <HostAlias>apiTLS.myCompany.com</HostAlias> </HostAliases> <Interfaces/> <Port>9006</Port> <OCSPStapling>off</OCSPStapling> <SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>false</ClientAuthEnabled> <KeyStore>ref://myTestKeystoreRef</KeyStore> <KeyAlias>myKeyAlias</KeyAlias> </SSLInfo></VirtualHost>
Do I need to run any command on APIGee node for this?
Please note that I am new to APIGee.
@Ajmal Hussain, you can use the management API to create or update virtual hosts. Note: it may require restart of message processor. Refer to the docs - https://docs.apigee.com/api-platform/fundamentals/configuring-virtual-hosts-private-cloud
Use Apigee Management APIs for ENterprise Cloud Account,
Update TLS configuration for an existing virtual host
--
Follow Nagashree's answer for On-Prem installation.
User | Count |
---|---|
7 | |
2 | |
2 | |
2 | |
1 |