You can configure TLS communication between Traceable's Apigee agent and Traceable's Platform agent. Make a note of the following points before you begin:
- Make sure that Traceable Platform agent's TLS is already set up. Configure the following in your Traceable Platform agent's
values.yamloragentconfig.yamlfile (as per your deployment method) for setting up TLS:YAMLtls_server: key_file: "domain.key" cert_file: "domain.crt" root_cert_file: "root_ca.crt"You can generate a root CA certificate by following the script documented in this topic.
- Make sure that Apigee agent is set up. For more information, see Apigee - Cloud deployment.
Steps
Complete the following steps to configure TLS in Apigee:
- Log into your Apigee platform and navigate to Keystore settings under Admin → Environments → TLS Keystores.
- Click on the + Keystore button as shown above to create a new Keystore.
- Create a new alias by selecting Certificate Only option. Provide the
root_ca.crtcorresponding to the certificate used to set up Traceable Platform agent.
- Navigate to Admin → Environments → References.
- Create a new reference that points to the Keystore that you have created.
- Navigate to Develop → SharedFlows → traceable-sharedflow.
- Navigate to ExportSpansJSand:
- Set
SSLEnabledtotrue - Change the Truststore element to the reference created above in
ref://<name of your reference>format.
- Set
- Update your ExportSpanJS to enable TLS and then save and deploy the new version to SharedFlow.