Hi
I am trying to configure TLS connection between the Edge Router and MP as instructed in Apigee Edge Private cloud OPS manual. After restarting the Router and MP, the message processor failed to started with the following error message (java.lang.Exception: Missing mandatory parameters).
[ My Steps ]
The following properties has been configured in my Message Processor property file
/opt/apigee/customer/application/message-processor.properties conf_message-processor-communication_local.http.ssl=true conf_message-processor-communication+local.http.port=8443 conf_message-processor-communication+local.http.ssl.keystore.type=jks conf_message-processor-communication+local.http.ssl.keystore.path=/tmp/mps.jks conf_message-processor-communication+local.http.ssl.keyalias=apigee-mps conf_message-processor-communication+local.http.ssl.keystore.password=OBF:1fof1j1u1igh1ym51t331ym91idp1iz01fmn
As instructed, I have restarted my MP and Router
apigee-service edge-router restart apigee-service edge-message-processor restart
And I am sure the configuration took effect:
apigee-service edge-message-processor configure --search conf_message-processor-communication_local.http.ssl Found key conf_message-processor-communication_local.http.ssl, with value, false, in /opt/apigee/edge-message-processor/token/default.properties Found key conf_message-processor-communication_local.http.ssl, with value, true, in /opt/apigee/customer//application/message-processor.properties apigee-configutil: edge-message-processor: # OK
However the following stack trace shown up in my Message Processor system.log.
2016-07-05 22:35:38,750 main ERROR MESSAGING.CONFIGURATION - MessageProcessorServiceImpl.configureSkeleton() : Exception details {} java.lang.Exception: Missing mandatory parameters at com.apigee.messaging.adaptors.http.configuration.MessageProcessorHttpSkeletonFactory.configureSSL(MessageProcessorHttpSkeletonFactory.java:124) ~[http-adaptor-1.0.0.jar:na] at com.apigee.messaging.adaptors.http.configuration.MessageProcessorHttpSkeletonFactory.newSkeleton(MessageProcessorHttpSkeletonFactory.java:100) ~[http-adaptor-1.0.0.jar:na] at com.apigee.messaging.configuration.MessageProcessorServiceImpl.configureSkeleton(MessageProcessorServiceImpl.java:520) [message-processor-1.0.0.jar:na] at com.apigee.messaging.configuration.MessageProcessorServiceImpl.registerHttpServer(MessageProcessorServiceImpl.java:406) [message-processor-1.0.0.jar:na] at com.apigee.messaging.configuration.MessageProcessorServiceImpl.start(MessageProcessorServiceImpl.java:211) [message-processor-1.0.0.jar:na] at com.apigee.kernel.service.deployment.ServiceDeployer.startService(ServiceDeployer.java:167) [microkernel-1.0.0.jar:na] at com.apigee.kernel.service.deployment.ServiceDeployer.deploy(ServiceDeployer.java:70) [microkernel-1.0.0.jar:na] at com.apigee.kernel.service.deployment.ServiceDeployer.deployDependantServices(ServiceDeployer.java:356) [microkernel-1.0.0.jar:na] at com.apigee.kernel.service.deployment.ServiceDeployer.deploy(ServiceDeployer.java:76) [microkernel-1.0.0.jar:na] at com.apigee.kernel.MicroKernel.deployAll(MicroKernel.java:178) [microkernel-1.0.0.jar:na] at com.apigee.kernel.MicroKernel.start(MicroKernel.java:139) [microkernel-1.0.0.jar:na] at com.apigee.kernel.MicroKernel.start(MicroKernel.java:135) [microkernel-1.0.0.jar:na] at com.apigee.kernel.MicroKernel.main(MicroKernel.java:84) [microkernel-1.0.0.jar:na] 2016-07-05 22:35:38,750 main ERROR MESSAGING.CONFIGURATION - MessageProcessorServiceImpl.registerHttpServer() : Unable to instantiate Message processor service
The startupruntimeerrors.log is empty and the router is up and running fine.
apigee-service edge-router status
apigee-service: edge-router: OK
apigee-service: edge-message-processor: Not running (DEAD)
You need to use the following properties to make it work:
/opt/apigee/customer/application/message-processor.properties conf_message-processor-communication_local.http.ssl=true conf/message-processor-communication.properties+local.http.port=8443 conf/message-processor-communication.properties+local.http.ssl.keystore.type=jks conf/message-processor-communication.properties+local.http.ssl.keystore.path=/tmp/mps.jks conf/message-processor-communication.properties+local.http.ssl.keyalias=apigee-mps conf/message-processor-communication.properties+local.http.ssl.keystore.password=OBF:1fof1j1u1igh1ym51t331ym91idp1iz01fmn
And then go to edge-router and do rm /opt/nginx/conf.d/*
restart the edge-message-processor first then edge-router. Hope this helps.
Thanks,
Archendra
I've found an issue with this doc - for enabling ssl between router and mp.
http://docs.apigee.com/api-services/latest/configuring-ssl-edge-premises
In the config file message-processor.properties, there is a keyalias mentioned. however this is not explicitly created. I had to create a keystore with an alias as below, directly in jks
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass passwd -validity 360 -keysize 2048
My config file is as below
conf_message-processor-communication_local.http.ssl=true conf/message-processor-communication.properties+local.http.port=8443 conf/message-processor-communication.properties+local.http.ssl.keystore.type=jks conf/message-processor-communication.properties+local.http.ssl.keystore.path=/tmp/keystore.jks conf/message-processor-communication.properties+local.http.ssl.keyalias=selfsigned # Enter the obfuscated keystore password below. conf/message-processor-communication.properties+local.http.ssl.keystore.password=OBF:obfpasswd
Thanks for sharing the info @Ahammed Abdulla Thufael ... We will update the doc. @wwitman Please note this.
@Reza Khan on Router, have you deleted any files in /opt/nginx/conf.d prior the restart?