Closed kurtkanaskie closed 2 months ago
apigeecli organization export exports keystores with name only, It should also export the keyaliases. This causes any TargetServers that use a truststore to fail to import. Workaround is to manually export from EXPORT_ORG to IMPORT_ORG
apigeecli organization export
To export a trust store
apigeeclix keystores list --org=$EXPORT_ORG --env=dev [ "apigeex-payg-kurt" ] apigeeclix keystores get --org=$EXPORT_ORG --env=dev --name=apigeex-payg-kurt { "name": "apigeex-payg-kurt", "aliases": [ "xapi-dev.apigeex-payg-kurt.apigee.internal" ] } apigeeclix keyaliases get --org=$EXPORT_ORG --env=dev --alias=xapi-dev.apigeex-payg-kurt.apigee.internal --key=apigeex-payg-kurt { "alias": "xapi-dev.apigeex-payg-kurt.apigee.internal", "certsInfo": { "certInfo": [ { "version": 3, "subject": "CN=4347656c-a6b5-489c-91a2-ad9caae23d92", "issuer": "CN=4347656c-a6b5-489c-91a2-ad9caae23d92", "expiryDate": "1828728311000", "validFrom": "1671048311000", "isValid": "Yes", "sigAlgName": "SHA256-RSA", "publicKey": "RSA Public Key, 2048 bits", "basicConstraints": "CA:TRUE", "serialNumber": "9a:c1:b3:96:92:ad:22:20:f3:ed:1f:72:19:5b:67:8c" } ] }, "type": "CERT" } apigeeclix keyaliases getcert --org=$EXPORT_ORG --env=dev --alias=xapi-dev.apigeex-payg-kurt.apigee.internal --key=apigeex-payg-kurt Resource xapi-dev.apigeex-payg-kurt.apigee.internal.crt completed
To import into new org
apigeeclix keystores list --org=$IMPORT_ORG --env=dev [ "apigeex-payg-kurt" ] apigeeclix keyaliases create --org=$IMPORT_ORG --env=dev --alias=xapi-dev.apigeex-payg-kurt.apigee.internal --key=apigeex-payg-kurt --format=pem --cert-filepath=xapi-dev.apigeex-payg-kurt.apigee.internal.crt { "alias": "xapi-dev.apigeex-payg-kurt.apigee.internal", "certsInfo": { "certInfo": [ { "version": 3, "subject": "CN=4347656c-a6b5-489c-91a2-ad9caae23d92", "issuer": "CN=4347656c-a6b5-489c-91a2-ad9caae23d92", "expiryDate": "1828728311000", "validFrom": "1671048311000", "isValid": "Yes", "sigAlgName": "SHA256-RSA", "publicKey": "RSA Public Key, 2048 bits", "basicConstraints": "CA:TRUE", "serialNumber": "9a:c1:b3:96:92:ad:22:20:f3:ed:1f:72:19:5b:67:8c" } ] }, "type": "CERT" } apigeecli targetservers create --org=$ORG --env=dev \ --name=apigeex-payg-kurt-us-east1-dns \ --host=xapi-dev-us-east1.apigeex-payg-kurt.apigee.internal \ --port=443 --tls=true \ --truststore=apigeex-payg-kurt
apigeecli organization export
exports keystores with name only, It should also export the keyaliases. This causes any TargetServers that use a truststore to fail to import. Workaround is to manually export from EXPORT_ORG to IMPORT_ORGTo export a trust store
To import into new org