hi guys, any help is appreciated.
We are creating a private key and a cert for keystore for a domain created on apigee, say
api-xyz-np-dev.apigee.net. How can we get the certificate signed by a Certificate Authority? Since the domain is controlled by Apigee/Google, can the Certificate Authority sign the certificate for this domain, as it is not controlled by my company?
Thanks in advance.
Solved! Go to Solution.
You cannot generate a signed cert for a domain that ends in apigee.net .
That is Apigee's domain, and only Apigee can ask a CA for a signed Certificate asserting that Apigee owns that domain.
It IS possible for you to use an alternative domain name. You can ask a CA to sign a certificate for "api-xyz.mycompany.com" , if you have control over "mycompany.com" . And then you can use THAT certificate and hostalias in your virtualhost.
I described how I used LetsEncrypt (a CA) to generate a signed cert here:
You cannot generate a signed cert for a domain that ends in apigee.net .
That is Apigee's domain, and only Apigee can ask a CA for a signed Certificate asserting that Apigee owns that domain.
It IS possible for you to use an alternative domain name. You can ask a CA to sign a certificate for "api-xyz.mycompany.com" , if you have control over "mycompany.com" . And then you can use THAT certificate and hostalias in your virtualhost.
I described how I used LetsEncrypt (a CA) to generate a signed cert here:
Thanks for the response Dino. When you say we have control over "mycompany.com", its reasonable to believe that certificate authority will check who owns the company before signing it. I wonder if Apigee will detect and stop if we are trying to create a virtual host with any random domain alias like google.com.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |