Google is committed to advancing racial equity for Black communities. See how.

TLS certificate expired in integrated developer portal custom domain configuration

Symptom

The custom domain configuration in the integrated developer portal will not work if the TLS certificate chain is expired: Publish > Portals > Developer Portal > Settings > Domains.

Error Message

The following error message is displayed:

Certificate expired

The error message is displayed in the Edge UI as shown below:

Certificate expired error message displayed in Publish > Portals > Developer Portal > Settings > Domains

Possible Causes

Cause Description> Troubleshooting instructions applicable for
TLS certificate chain has expired If the TLS certificate chain provided has expired, the custom domain configuration will fail. Edge Public Cloud users

Cause: TLS certificate chain has expired

Diagnosis

Do the following steps to diagnose the issue:

  1. Verify the TLS certificate chain expiry date and time.
  2. If the specific TLS certificate chain is expired, then it will cause the virtual host creation process to fail in the integrated developer portal. As a result, the above error message is displayed to the user on the custom domain configuration page of the Edge UI.

Resolution

If you have ascertained that the TLS Certificate chain has expired, then do the following steps to resolve this issue:

  1. Obtain a new TLS certificate chain from the relevant certificate authority.
  2. Convert the TLS certificate chain to PEM format.
  3. Validate that the TLS certificate chain is valid.
  4. Remove the existing TLS Certificate chain from the specific keystore.
  5. Upload the file containing the TLS certificate chain in PEM format and the file containing the private key to the keystore using a key alias in the Edge UI or management API.
  6. Configure keystore, alias, domain name in the integrated developer portal custom domain configuration page.
  7. Click Save.

If the problem still persists, go to Must gather diagnostic information.

Must gather diagnostic information

If the problem persists after following the above instructions, gather the following diagnostic information and share it with Apigee Support:

  • Apigee Edge Cloud organization name
  • Apigee Edge Cloud integrated developer portal name
  • Name of the keystore created in the portal environment
  • Alias name
  • Custom domain name
  • A screenshot of the custom domain configuration page capturing the error message