Apigee X (cloud Evaluation) - Proxy not able to pickup KeyStore Alias name

Google Cloud Apigee
1

Hello all,

I´m using an evaluation Apigee X from GCP and I´m facing the following error when trying to deploy my proxy using Apigee X UI. The target endpoint requires mTLS:

“required reference “organizations/ORGNAME/environments/eval/references/RefTesteKey” to keystore “organizations/vli-integrarodo-dev/environments/eval/keystores/KeyStoreMTLS” is missing required key_cert aliases [myKeyAlias]”

Just for testing purposes, I´ve also tried to use the keystore name as an alternative (not the reference) but still apigee is not identifying my key alias. Please find below the SSL config that I´m trying to configure:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> [https://mytargetendpoint/v1/products](https://mytargetendpoint/v1/products) true true ref://RefTesteKey myKeyAlias false

Also, I´ve double checked the key alias by calling apigee googleapis (Method: organizations.environments.keystores.get  |  Apigee  |  Google Cloud) and the result is as per below:

fcasteluber_0-1643137413945.png
fcasteluber_0-1643137413945.png349×166 2.39 KB

Could you please kindly advise if I am missing any step or configuration?

Kind Regards

1 Like
2

Thanks for raising this. I believe the error message you’re getting is misleading.

I think you may need to create a new alias, and ensure you’re specifying both a certificate and key.

It seems if you do not specify the key which is required, when you attempt to use that alias in your proxy, it’s providing a misleading error message

1 Like
3

Thank you very much dknezic! For sure, the error message was misleading. After changing the certificate type I was able to deploy.

4

Hi , we are facing the similar issue , we have a CA signed cert for our Kafka application which is target for Apigee , we are trying to create a Keystore and Keyalias and upload the CA signed cert , however we are getting error like below :
generic::failed_precondition:required reference is missing required key cert aliases.

5

Can you please post this as a new question and include details on how you’re trying to create it as it sounds like you’re creating a reference not a key store.

1 Like
6

We are facing same issue @fcasteluber , could please let us know what type of certificate and key you have used.

7

Hey @Ankita9561 , thanks for adding to this discussion. To ensure your question gets the proper attention, I recommend creating a new post and referencing this thread. This way the community can provide better guidance. :+1:t3: