In Apigee hybrid, the Message Processor (MP) is the workhorse that processes incoming API requests, executes policies, and proxies API requests to target services. To do its work, the MP interacts with the local, runtime Cassandra database and it has read-only access to the host file system, where it loads proxies, resources, target servers, and other required Edge entities at startup.
This section describes common configuration processes for Message Processors.
Configure SSL and KMS encryption keys
By default, the MP endpoint uses port 443 with SSL
pre-configured using a self-signed certificate. If you want to
switch to your own properly CA-signed certificate, configure
sslCertPath in your
overrides.yaml as shown below.
You can also specify the location of encryption keys for the Apigee Edge key management system (KMS) and cache data.
To configure these certs and keys, copy the following path
configuration properties into your
and make the appropriate path substitutions for your MP pods. When
you apply the config to your cluster, the certificate and key file
contents are stored in a Kubernetes secret.
config: base64Credentials: dXNlckBleGFtcGxlLmNvbTphYmMxMjM= envs: - orgName: MyOrganization envName: MyEnvironment port: 443 sslKeyPath: /path/to/example.com.key sslCertPath: /path/to/example.com.crt kmsEncryptionKeyPath: /path/to/enc_kms.txt cacheEncryptionKeyPath: /path/to/enc_cache.txt