Apigee mTLS 的標準安裝作業是執行下列一般步驟:
/opt/apigee/apigee-service apigee-mtls install/opt/apigee/apigee-service apigee-mtls setup -f /opt/silent.conf/opt/apigee/apigee-service apigee-mtls start
如要安裝自訂憑證,您必須按照 專區。
如要整合自訂憑證與 Apigee mTLS,請將下列檔案複製到
資料集內每個節點上的 /certs 和 /source 目錄
物件您可在安裝期間進行此操作:
- 產生的 local_key.pem (每個節點專屬)
- 產生的 local_cert.pem (每個節點專屬)
- 憑證授權單位的 certificate.pem
- 憑證授權單位的 key.pem
舉例來說,Apigee mTLS 具有自訂憑證的安裝步驟如下所示:
/opt/apigee/apigee-service apigee-mtls install/opt/apigee/apigee-service apigee-mtls setup -f /opt/silent.confCopy the local generated certificatecp PATH_TO_LOCAL_CERT /opt/apigee/apigee-mtls/certs/local_cert.pemcp PATH_TO_LOCAL_CERT /opt/apigee/apigee-mtls/source/certs/local_cert.pemCopy the local generated keycp PATH_TO_LOCAL_KEY /opt/apigee/apigee-mtls/certs/local_key.pemcp PATH_TO_LOCAL_KEY /opt/apigee/apigee-mtls/source/certs/local_key.pemCopy the CA's certificatecp PATH_TO_CA_CERT /opt/apigee/apigee-mtls/certs/ca_cert.pemcp PATH_TO_CA_CERT /opt/apigee/apigee-mtls/source/certs/ca_cert.pemCopy the CA's keycp PATH_TO_CA_KEY /opt/apigee/apigee-mtls/certs/ca_key.pemcp PATH_TO_CA_KEY /opt/apigee/apigee-mtls/source/certs/ca_key.pem/opt/apigee/apigee-service apigee-mtls start
這項程序會覆寫在初始設定期間產生的憑證。
完成新憑證的整合後,您可以驗證新憑證是否有效 請參閱驗證憑證中的操作說明。