How to configure Edge backend 1-way SSL to not trust expired certs?

It appears that if the back-end API servers offer an expired SSL certificate, Apigee will still connect. How do we configure Apigee to use 1-way SSL to connect to a backend but to not allow invalid/expired SSL certs, or at least to alarm loudly about the status when connecting?

0 1 335
1 REPLY 1

Would a config like this work? where we enable SSL but set ClientAuth to false?

<TargetEndpoint name="default"> 

… 

<HTTPTargetConnection> 

<SSLInfo> 

<Enabled>true</Enabled> 

<ClientAuthEnabled>false</ClientAuthEnabled> 

<TrustStore>myTrustStore</TrustStore> 

</SSLInfo> 

<URL>https://myservice.com</URL> 

</HTTPTargetConnection> 

… 

</TargetEndpoint>