This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

TLS Keystores still issuing old certificate

Posted on 05-10-2020 06:20 PM
systemsdevelopm
New Member
Reply posted on --/--/---- --:-- AM

I've got six days left until the certificate that the clients see when hitting my domain expires. I have uploaded a new one into the TLS Keystores tab and that expires in May 2021. I've tried everything I can do in my browser to make sure it is not caching the certificate. There is no sign of the old certificate in the Keystores tab, under Dev, Prod or Portal.

How do I get Apigee to start sending out the new certificate on my portal and api domains?

0 3 146
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
dknezic
Staff
Reply posted on --/--/---- --:-- AM

did you use a keystore reference?

Either way, it sounds like you need to open a support case requesting a router restart

0 Likes

Posted on --/--/---- --:-- AM
systemsdevelopm
New Member
In response to dknezic
Reply posted on --/--/---- --:-- AM

Under Environments > TLS keystores > prod I see four keystores, the 'freetrial' expired 2 months ago, the others expire in a year or more. Not sure what you mean by 'reference'

0 Likes

Posted on --/--/---- --:-- AM
dknezic
Staff
In response to systemsdevelopm
Reply posted on --/--/---- --:-- AM

https://docs.apigee.com/api-platform/system-administration/working-references

The advantage to using a reference is that you can change the value of the reference to change the keystore used by the virtual host, usually because the cert in the current keystore is expiring in the near future. Changing the value of the reference does not require you to restart the Edge Router.

I'd recommend you change to using a reference, then hopefully future changes will work

0 Likes
Top Solution Authors
View all