Virtual Host creation/update Fails with Cloudflare Origin Certificate

pbagadiya
Participant I

Hi,

I have created a new keystore and uploaded Cloudflare Origin Certificate (domain cert) with its Root Certificate in a single file.

I have created a new reference to use this new keystore and alias and then I am trying to update virtual host to use the new reference and change the host alias to match the new domain name but it fails with below error.

Virtual host creation/update failed due to a keystore cert validation error. Cert is invalid or cannot be trusted by java trust anchors or CAs.

As per the above error, it is true that the Cloudflare Origin (domain cert) & Root certificates are issued by Cloudflare Origin SSL CA which is not trusted CA. Does that mean I cannot install Cloudflare Origin certificates on Apigee Edge virtual host?

I have also ask Apigee support team to restart a router service but that is also not resolving the issue.

Is there any way that this can be resolved?

0 5 534
5 REPLIES 5

pbagadiya
Participant I

pbagadiya
Participant I

Apigee support team has confirmed that the self-signed certificate is not allowed and hence I cannot use Cloudflare Origin certificate.

EDIT: as Of July 2020, this is no longer the case. Contact Apigee support for assistance configuring this.

Is this still the case? I would be delighted apigee can confirm they support cloudflare origin certificates as paying for 2 services is waste of money

No, it's not the case. You can configure a Vhost with a Cert that is signed by a CA that is outside the set of root CAs maintained by Mozilla. But you need to contact Apigee Support to get help configuring that .

I'm facing the same here... is there a workaround for this one?