This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Setting 2way SSL between Apigee and Django app

Posted on 04-16-2018 10:59 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hello,

I want to set 2way SSL between Apigee Proxy and Django App which is served by waitress.

I imported 3 certifies(root, intermediate, leap) on my backend server.

If I set SSL between Apigee and Django app, Do I also have to set https configuration for the application as well? (Like, editing configuration file for <VirtualHost> Block on Apache server)

Currently, when I access endpoint through Apigee proxy, it returns 504 timeout error message as below.

{"fault":{"faultstring":"Bad Gateway","detail":{"errorcode":"messaging.adaptors.http.flow.BadGateway"}}}

Is there any one who has experience setting up SSL for Django App? Any tips for me? Thanks

Solved Solved
0 5 630
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
rmishra
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Assuming that your Django app is the Apigee API Target. You will need to provide much more details to get help.

1. Is this a one way or two way TLS ?

Have you tried

  1. debugging network connectivity between the Apigee Message Processor and the Django app?
  2. Troubleshooting the TLS handshake ? Look at the message processor logs for why it fails to connect, on the Django app side see it a handshake is initiated at all? If yes, why is it rejected or getting hung?

View solution in original post

Jump to Solution
5 REPLIES 5

Posted on --/--/---- --:-- AM
rmishra
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Assuming that your Django app is the Apigee API Target. You will need to provide much more details to get help.

1. Is this a one way or two way TLS ?

Have you tried

  1. debugging network connectivity between the Apigee Message Processor and the Django app?
  2. Troubleshooting the TLS handshake ? Look at the message processor logs for why it fails to connect, on the Django app side see it a handshake is initiated at all? If yes, why is it rejected or getting hung?
Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to rmishra
Reply posted on --/--/---- --:-- AM

This is two way TLS.
How do I debug the network connectivity between the Apigee Message Processor and the Django App?


Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
rmishra
Bronze 2
Bronze 2
In response to
Reply posted on --/--/---- --:-- AM

Assuming you are leveraging an On Prem installation of Apigee

From each Apigee Message Processor - make a curl request from the server to your DJango app, use the curl options to provide cert and CA.

That should tell you why the TLS handshake is failing or if they are any routing issues(firewall, etc.)

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to rmishra
Reply posted on --/--/---- --:-- AM

I don't have Apigee Message Processor and Nginx on my server. Is it required to have to set SSL? Especially, Nginx?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
API-Evangelist
Silver 5
Silver 5
In response to
Reply posted on --/--/---- --:-- AM

Can you provide what apigee stack/topology & components are you running?

Check below docs for Configuring two-way TLS to the backend server

https://docs.apigee.com/api-platform/system-administration/configuring-ssl-edge-backend-service#conf...

To debug run tcpdump

tcpdump host <<backend target server>> and port <<port_number>> -w dump.out

analyze dump.out in wireshark..

Jump to Solution
0 Likes
Top Solution Authors
View all