Having just installed the latest version of the Microgateway (2.3.5) I am recieving the following error trying to configure it for the 1st time:
listdeployments: {********},"asynclimit":4} Going to invoke "https://api.enterprise.apigee.com/v1/o/**********/apis/edgemicro-auth/deployments" { Error: unable to get local issuer certificate at TLSSocket.<anonymous> (_tls_wrap.js:1116:38) at emitNone (events.js:106:13) at TLSSocket.emit (events.js:208:7) at TLSSocket._finishInit (_tls_wrap.js:643:8) at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:473:38) code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' }<br />
This looks like SSL validation failed. That probably means either:
1) You don't have the standard root certificates installed on your OS
2) You have an SSL-intercepting proxy/firewall between your microgateway and the internet, and the certificate for that is not installed in your root certificate store.
Could you run this command on your server?
echo | openssl s_client -connect api.enterprise.apigee.com:443 -servername api.enterprise.apigee.com > /dev/null
If the depth=2 and depth=1 lines of your output looks like this:
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign verify return:1 depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1 verify return:1 depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = api.enterprise.apigee.com verify return:1 DONE
Then 1) is your problem. Otherwise it's 2) and you need to talk to your network/security team.
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |