Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

Using TLS in a Private Cloud installation

Apigee Edge

The following figure shows where Apigee Edge for Private Cloud customers configure TLS:

The following table describes the locations where you configure TLS access for a Private Cloud installation:

 

Source

Destination

TLS Access

1

API developer

Edge management UI

Enable TLS on the Edge management UI.

See the Edge Operations Guide for more, which is available from your private FTP account or on the Apigee Support Portal under Libraries  (Edge for Private Cloud version 4.16.01 and earlier) and online at Configuring TLS/SSL for Edge On Premises (version 4.16.05 and later).

2

API Developer

Edge management API

Enable TLS on the Edge management API.

See the Edge Operations Guide for more, which is available from your private FTP account or on the Apigee Support Portal under Libraries (Edge for Private Cloud version 4.16.01 and earlier) and online at Configuring TLS/SSL for Edge On Premises (version 4.16.05 and later).

3

API Client (app)

API

Enable TLS on API access through the use of virtual hosts on the Edge Router.

See Configuring TLS access to an API for the Private Cloud for more.

4

Edge

ターゲットエンドポイント

Enable TLS between Edge and a backend service provider.

See Configuring TLS from Edge to the backend (Cloud and Private Cloud) for more.

5

Router

Message Processor

Enable TLS for communication between a Router and Message Processor.

See the Edge Operations Guide for more, which is available from your private FTP account or on the Apigee Support Portal under Libraries (Edge for Private Cloud version 4.16.01 and earlier) and online at Configuring TLS/SSL for Edge On Premises (version 4.16.05 and later)..

If your Edge for Private Cloud installation included a load balancer, then you might also have to replace the configuration for #3 above to configure TLS between the app and load balancer, and between the load balancer and the Edge Router:

 

Source

Destination

説明

6

アプリ

Load Balancer

Enable TLS on the load balancer. This process is determined by your load balancer.

7

Load Balancer

Router

If necessary, enable TLS on the Router for requests from the load balancer. Use the same process as you do for configuring TLS for a virtual host as described here: Configuring TLS access to an API for the Private Cloud.

If the load balancer and Router are in the same security domain, TLS configuration may not be necessary. However, that is dependent on your network configuration.

参考資料 :

API BaaS

The following image shows the places where API BaaS uses TLS:

See Configuring TLS for API BaaS for more information. 

Help or comments?