This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

TLS Cipher suit as a provider.

Posted on 04-14-2020 05:34 AM
rohitkaradi
New Member
Reply posted on --/--/---- --:-- AM

Hi Team,

We are migrating one application in APIGEE, where we have Terget provider as a two way SSL.


We have to configure cipher in target default.xml. Do we need to declare the cipher suits with in SSLinfo block or we can declare it as outside SSLinfo block as well. Does it will work?

<Properties><Propertyname="proxy_read_timeout">50</Property><Propertyname="keepalive_timeout">300</Property><Propertyname="proxy_request_buffering">off</Property><Propertyname="proxy_buffering">off</Property><Propertyname="ssl_protocols">TLSv1.2 TLSv1.1</Property><Propertyname="ssl_ciphers">HIGH:!aNULL:!MD5:!DH+3DES:!kEDH</Property></Properties>

I have referred https://docs.apigee.com/api-platform/system-administration/creating-virtual-host
but it seems for crating -virtual host. I have to declare it for creation for Target.

Regards,

Rohit Karadi

0 1 105
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
cjking
Staff
Reply posted on --/--/---- --:-- AM

I believe you're going to need to put the ciphers and protocols parts inside an SSLInfo block. You can see some examples here: https://docs.apigee.com/api-platform/reference/api-proxy-configuration-reference#tlsssltargetendpoin...

0 Likes