Solved: Configuring Edge Management API TLS - Page 2

Report Inappropriate Content · 07-06-2016 06:08 PM

Hi Everyone

I have enabled TLS on the Edge Management API as explained in the documentation. However after turning off the Management API web server HTTP port:

conf_webserver_http.turn.off=true

I can see the Edge UI API Calls are failing.

I can see Apigee explicitly mentioned that this cause an issue, due to HTTP traffic towards this component, however due to our security requirements, I need to turn off all HTTP traffic cross my edge components including CS, ZK and UI, Router, MP and Management.

Please share your experiement with me on this topic.

Thank you

adas

@Reza Motevallizadeh Did you change your ui config to point to https:// instead of http ?

You need to update the following property in apigee.conf file:

apigee.mgmt.baseUrl="https://mgmtIP:443/v1"

If you look at the browser's console, you might be able to see what the actual error is. Looking at the error it seems that your UI is able to talk to management server just fine, but the issue seems to be related to users and userroles which comes from LDAP. So, if you can get the management server logs, it would be helpful.

View solution in original post

Report Inappropriate Content

Hi @Reza Motevallizadeh

This is the issue with self sign certs and play ws proxy will not allow to call a upstream https endpoint without passing the ssl validation. To avoid the ssl validation, you need to add the following property to application.conf in edge-ui to make it work:

ws.acceptAnyCertificate=true

To add this property, follow the below steps:

1. cd /opt/apigee/customer/application

2. Create a file called ui.properties (Make sure it is owned by 'apigee:apigee' user)

3. Add conf/application.conf+ws.acceptAnyCertificate=true in ui.properties file and save it

4. Restart the edge-ui using apigee-service (apigee-service edge-ui restart)

Hope this helps.

Thanks,

Archendra

View solution in original post