(Optional) Apigee agent TLS configuration

You can configure TLS communication between Traceable's Apigee agent and Traceable's Platform agent. Make a note of the following points before you begin: 

• Make sure that Traceable Platform agent's TLS is already set up. Configure the following in your Traceable Platform agent's values.yaml or agentconfig.yamlfile (as per your deployment method) for setting up TLS:
  YAMLYAML

  tls_server:
    key_file: "domain.key"
    cert_file: "domain.crt"
    root_cert_file: "root_ca.crt"

  You can generate a root CA certificate by following the script documented in this topic.

• Make sure that Apigee agent is set up. For more information, see Apigee - Cloud deployment.

Steps

Complete the following steps to configure TLS in Apigee:

1. Log into your Apigee platform and navigate to Keystore settings under Admin → Environments → TLS Keystores.
2. Click on the + Keystore button as shown above to create a new Keystore.
3. Create a new alias by selecting Certificate Only option. Provide the root_ca.crt corresponding to the certificate used to set up Traceable Platform agent.
4. Navigate to Admin → Environments → References.
5. Create a new reference that points to the Keystore that you have created.
6. Navigate to Develop → SharedFlows → traceable-sharedflow.
7. Navigate to ExportSpansJSand: 
   1. Set SSLEnabled to true
   2. Change the Truststore element to the reference created above in ref://<name of your reference> format.
8. Update your ExportSpanJS to enable TLS and then save and deploy the new version to SharedFlow.