I am trying to implement the two way ssl authentication with trial account but getting errors even after mentioned all parameters in virtual host.
Please help me to resolve this issue
I am using trial account and using secure virtual host to implement mutual authentication but getting errors.
<VirtualHost name="secure">
<HostAliases>
<HostAlias>anil603607-eval-prod.apigee.net</HostAlias>
</HostAliases>
<Interfaces/>
<ListenOptions/>
<Port>443</Port>
<Properties/>
<RetryOptions/>
<SSLInfo>
<ClientAuthEnabled>false</ClientAuthEnabled>
<Enabled>true</Enabled>
<IgnoreValidationErrors>false</IgnoreValidationErrors>
<KeyAlias>freetrial</KeyAlias>
<KeyStore>ref://freetrialref</KeyStore>
</SSLInfo>
<Properties>
<Property name="ssl_protocols">TLSv1.2</Property>
<Property name="ssl_ciphers">HIGH:!aNULL:!MD5:!DH+3DES:!kEDH</Property>
</Properties>
</VirtualHost>
“Invalid Virtual host reference” tells me that your API Proxy endpoint is pointing to a vhost that is not valid.
There are two things to check
- the name of the vhost (or vhosts) specified in the proxy endpoint
- the existence of that vhost in the environment to which you are trying to deploy
You showed a VirtualHost definition. That is not so useful. The question is, does it exist in the environment?
You also showed a screenshot of what looks like… a virtualhost definition jammed into your proxy endpoint. That’s not where it goes.
This is what the proxy endpoint is supposed to look like:
<ProxyEndpoint name="endpoint1">
<Description>Proxy Endpoint 1</Description>
<HTTPProxyConnection>
<BasePath>/headertest</BasePath>
<Properties/>
<VirtualHost>secure</VirtualHost>
</HTTPProxyConnection>
...
Note- the value inside the VirtualHost element is a NAME. That is the only thing allowed there. A NAME of a vhost. I have shown a name of “secure” in this example.
Elsewhere, you must insure that the named vhost exists. Do this by surfing to https://apigee.com/organizations/YOUR_ORG_NAME/vhosts in the Apigee Admin UI.
This is probably https://apigee.com/organizations/anil603607-eval-prod/vhosts in your case.
From the resulting screen, select the appropriate environment. Prod or test.
Select the vhost and you can alter or edit it. Or you can define a new one.
Or, you can perform these edit / create operations via the documented Administrative API.
Bottom line: The full details of the vhost definition do not belong in the proxy endpoint.