We have created a proxy and it is using Target Servers to retrieve target endpoint. The proxy works fine for qa environment but fails for dev environment stating below error.
Error Deploying Revision 2 to dev
Target default has invalid keyalias reference BUS-APIGEE-QA. Context Revision:2;APIProxy:balances;Organization:orgname-nonprod;Environment:dev.
The Target Servers and TLS Key Stores are same for qa and dev environment. We have restarted the servers as well, still proxy is not able to pick up the keystore.
<HTTPTargetConnection> <Properties/> <SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>true</ClientAuthEnabled> <KeyStore>esb-mtls-apigee-keystore</KeyStore> <KeyAlias>ESB-APIGEE-QA</KeyAlias> <TrustStore>esb-mtls-apigee-truststore</TrustStore> </SSLInfo> <LoadBalancer> <Server name="esb_rest"/> </LoadBalancer> <Path>/ws/AcctInformation1.0</Path> </HTTPTargetConnection>
Any help would be greatly appreciated. I have attached the snapshot of Apigee Edge configuration of dev and qa environments.
Thank you!
Solved! Go to Solution.
1. Run the following command on the Management Server:-
curl -v -u <username> "URL"
where URL is
/e/<Env>/keystores/<KeystoreName>
OName=Orgname
Env=Environment Name
KeystoreName = KeystoreNameWhichHasPrivateKeyPlusPublicKey
2. You will get the below output
{
"aliases" : [ {
"aliasName" : "KeystoreName",
"cert" : "KeystoreName-cert",
"key" : "KeystoreName-key"
} ],
"certs" : [ "KeystoreName-cert" ],
"keys" : [ "KeystoreName" ],
"name" : "KeystoreName"
}
3. The aliasName above is the alias name of your keystore.
I don't know what the problem might be, but ... can you try using a keystore REFERENCE (ref://reference-name-here ) . ?
This is generally recommended as best practice.
Hi @Dino-at-Google,
As mentioned I have used the reference, but DEV deployment is still throwing error. QA works pretty well. I have attached the configurations snapshot in the question section.
<SSLInfo> <Enabled>true</Enabled> <ClientAuthEnabled>true</ClientAuthEnabled> <KeyStore>ref://esb-keystore</KeyStore> <KeyAlias>ESB-APIGEE-QA</KeyAlias> <TrustStore>ref://esb-truststore</TrustStore> </SSLInfo>
Deployment error is
Error Deploying Revision 2 to dev
Target default has invalid keyalias reference ESB-APIGEE-QA. Context Revision:2;APIProxy:balances;Organization:fhnc-nonprod;Environment:dev.
Can you try some queries for me?
curl -i -n $mgmtserver/v1/o/$ORG/e/dev/references
From that I expect to see your named reference,. "esb-keystore".
Then examine the reference you used:
curl -i -n $mgmtserver/v1/o/$ORG/e/dev/references/esb-keystore
You should see an output like this:
{ "name" : "esb-keystore", "refers" : "SOMETHING", "resourceType" : "KeyStore" }
Then, query the keystore that is referenced
curl -i -n $mgmtserver/v1/o/$ORG/e/dev/keystores/SOMETHING
As a response to that, you should see something like this:
{ "aliases" : [ { "aliasName" : "alias1", "cert" : "alias1-cert", "key" : "alias1-key" } ], "certs" : [ "alias1-cert" ], "keys" : [ "expediaClient" ], "name" : "SOMETHING" }
The aliasName ought to be "ESB-APIGEE-QA".
Also, here's a nice utility for creating keystores within Apigee Edge. It may work for your private cloud deployment.
Thank you @Dino-at-Google, after querying the keystore and while comparing QA with DEV got to know in DEV certificate was not setup properly because of that i was getting error.
Thank you once again!
1. Run the following command on the Management Server:-
curl -v -u <username> "URL"
where URL is
/e/<Env>/keystores/<KeystoreName>
OName=Orgname
Env=Environment Name
KeystoreName = KeystoreNameWhichHasPrivateKeyPlusPublicKey
2. You will get the below output
{
"aliases" : [ {
"aliasName" : "KeystoreName",
"cert" : "KeystoreName-cert",
"key" : "KeystoreName-key"
} ],
"certs" : [ "KeystoreName-cert" ],
"keys" : [ "KeystoreName" ],
"name" : "KeystoreName"
}
3. The aliasName above is the alias name of your keystore.
I am not able to provide the URL. I guess the UI has some restrictions.
/v1/o/OName
/e/Env/keystores/KeystoreName
Thank you @gbhandari, the issue was with KeyStore setup in DEV environment. Got to know the difference in Keystore setup while comparing QA and DEV configurations.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |