第 5 步:集成自定义证书
Apigee mTLS 的标准安装是执行以下常规步骤:
/opt/apigee/apigee-service apigee-mtls install
/opt/apigee/apigee-service apigee-mtls setup -f /opt/silent.conf
/opt/apigee/apigee-service apigee-mtls start
如需安装自定义证书,您必须按照本
部分。
要将自定义证书与 Apigee mTLS 集成,您需要将以下文件复制到
/certs
和 /source
目录(位于
集群。您需要在安装期间执行此操作:
- 生成的 local_key.pem(每个节点独有)
- 生成的 local_cert.pem(对每个节点都是唯一的)
- 证书授权机构的 certificate.pem
- 证书授权机构的 key.pem
例如,使用自定义证书的 Apigee mTLS 安装步骤如下:
/opt/apigee/apigee-service apigee-mtls install
/opt/apigee/apigee-service apigee-mtls setup -f /opt/silent.conf
Copy the local generated certificate
cp PATH_TO_LOCAL_CERT /opt/apigee/apigee-mtls/certs/local_cert.pem
cp PATH_TO_LOCAL_CERT /opt/apigee/apigee-mtls/source/certs/local_cert.pem
Copy the local generated key
cp PATH_TO_LOCAL_KEY /opt/apigee/apigee-mtls/certs/local_key.pem
cp PATH_TO_LOCAL_KEY /opt/apigee/apigee-mtls/source/certs/local_key.pem
Copy the CA's certificate
cp PATH_TO_CA_CERT /opt/apigee/apigee-mtls/certs/ca_cert.pem
cp PATH_TO_CA_CERT /opt/apigee/apigee-mtls/source/certs/ca_cert.pem
Copy the CA's key
cp PATH_TO_CA_KEY /opt/apigee/apigee-mtls/certs/ca_key.pem
cp PATH_TO_CA_KEY /opt/apigee/apigee-mtls/source/certs/ca_key.pem
/opt/apigee/apigee-service apigee-mtls start
此过程会覆盖初始设置期间生成的证书。
完成新证书的集成后,您可以验证这些证书是否有效
按照验证证书中的说明操作。
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2024-08-20。
[{
"type": "thumb-down",
"id": "missingTheInformationINeed",
"label":"没有我需要的信息"
},{
"type": "thumb-down",
"id": "tooComplicatedTooManySteps",
"label":"太复杂/步骤太多"
},{
"type": "thumb-down",
"id": "outOfDate",
"label":"内容需要更新"
},{
"type": "thumb-down",
"id": "translationIssue",
"label":"翻译问题"
},{
"type": "thumb-down",
"id": "samplesCodeIssue",
"label":"示例/代码问题"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"其他"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"易于理解"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"解决了我的问题"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"其他"
}]
{"lastModified": "\u6700\u540e\u66f4\u65b0\u65f6\u95f4 (UTC)\uff1a2024-08-20\u3002"}
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["没有我需要的信息","missingTheInformationINeed","thumb-down"],["太复杂/步骤太多","tooComplicatedTooManySteps","thumb-down"],["内容需要更新","outOfDate","thumb-down"],["翻译问题","translationIssue","thumb-down"],["示例/代码问题","samplesCodeIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2024-08-20。"],[],[]]