HTTP 400 when EdgeMicro attempts to connect to a Two-way SSL enabled Target Endpoint

The edgemicro section of config.yaml is as follows:

edgemicro:
  port: 8000
  max_connections: 1000
  config_change_poll_interval: 600
  logging:
    level: error
    dir: /var/tmp
    stats_log_interval: 60
    rotate_interval: 24
  plugins:
    sequence:
      - oauth
  targets:
    - host: 'org-dev.xxxxx.com'
      tls: # Note: I tried putting ssl in here. Same result.
        client:
          cert: 'path/to/cert'
          key: 'path/to/.key'
          rejectUnauthorized: true

In this case host - org-dev.xxxxx.com - is secured using two-way ssl.

During testing, I am seeing HTTP 400 error with the following message:

<html>
<head>
<title>400 No required SSL certificate was sent</title>
</head>
<body bgcolor="white">
<center> <h1>400 Bad Request</h1> </center>
<center>No required SSL certificate was sent</center>
<hr>
<center>nginx</center>
</body>
</html>

Can someone please tell me what I am doing wrong?

6 REPLIES

Maybe we could first verify the given CA certificate using a curl command:

curl -i --cacert /path/to/ca-certificate.pem https://<server-url>

@Imesh Gunaratne Thanks Imesh. I verified that the SSL handshake completes successfully.

It's a great pleasure Pradeep! Were you able to get it working? If so, would you mind sharing the cause of the issue and how you resolved it? Thanks!

@Imesh Gunaratne, Hi Imesh. Sorry, I was very vague with my previous answer. The SSL handshake is successful; however, the microgateway still won't connect to the target endpoint. I see the same "No required SSL certificate was sent" error message.

@Pradeep, Encountered this a few days ago. Since the SSL handshake is verified, I believe the fix is in adjusting the `targets` property in the yaml file to be on the same level as `edgemicro`, not as a child. Also, 'tls' should be 'ssl'.


@Victor Shaw

Hi Victor,

The documentation at https://docs.apigee.com/api-platform/microgateway/2.5.x/operation-and-configuration-reference-edge-m... (under the "Using client ssl/tls options" section) shows targets is a child of edgemicro.

The documentation indicates the use of both ssl and tls keywords.
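
An added diagnostic, not part of the thread and not Apigee code: it takes an already-parsed config.yaml object and reports the two things the replies disagree on (where `targets` sits, and whether the client block is under `ssl` or `tls`), plus whether the cert and key files are readable. The name `auditTargets` is hypothetical, the sample object is constructed from the question, and resolving relative paths against the working directory is an assumption; the function does not decide which layout Edge Microgateway reads.

```javascript
const fs = require('fs');
const path = require('path');

// Report where each target's client-certificate block sits in a parsed
// config.yaml and whether the referenced files can be read.
function auditTargets(config, baseDir = process.cwd()) {
  const findings = [];
  const places = [
    ['top level', config.targets],
    ['under edgemicro', config.edgemicro && config.edgemicro.targets],
  ];
  for (const [where, targets] of places) {
    if (!Array.isArray(targets)) continue;
    for (const t of targets) {
      const f = { host: t.host, targetsAt: where, blocks: [], problems: [] };
      for (const name of ['ssl', 'tls']) {
        const client = t[name] && t[name].client;
        if (!client) continue;
        f.blocks.push(name);
        for (const field of ['cert', 'key']) {
          if (!client[field]) {
            f.problems.push(`${name}.client.${field} not set`);
            continue;
          }
          // Assumption: relative paths resolve against the working directory.
          const file = path.resolve(baseDir, client[field]);
          try {
            fs.accessSync(file, fs.constants.R_OK);
          } catch (e) {
            f.problems.push(`${name}.client.${field} unreadable: ${file}`);
          }
        }
      }
      if (f.blocks.length === 0) f.problems.push('no ssl.client or tls.client block');
      findings.push(f);
    }
  }
  return findings;
}

// Constructed sample mirroring the config posted in the question.
const sample = {
  edgemicro: {
    port: 8000,
    targets: [{ host: 'org-dev.xxxxx.com',
      tls: { client: { cert: 'path/to/cert', key: 'path/to/.key', rejectUnauthorized: true } } }],
  },
};
console.log(JSON.stringify(auditTargets(sample), null, 2));
```

Compare the reported `targetsAt` and `blocks` values with the configuration reference for the Edge Microgateway version in use.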