Closed ccortinhas-pmi closed 1 year ago
Hi @ccortinhas-pmi, I'm trying to work on your case, but I can't the same page as yours, as I have the following:
do you havae some specific options ?
@ccortinhas-pmi,
using your browser's developer tools, you can get the requets that are made behind the scene by the platform to create and update the DLB in your case.
From that I can see what's missing.
Are you able to send the requests ?
Hi @soufi ,
It seems that "Client Certificate" was rebranded to "Trusted CA File" on the UI, so you are getting the correct field.
Nonetheless I created a new certificate just to replicate the payload of the PATCH request and is as follows (I removed the sensitive information):
[
{
"op":"replace",
"path":"/defaultSslEndpoint",
"value":1
},
{
"op":"add",
"path":"/sslEndpoints/0",
"value":{
"publicKeyLabel":"domain.pem",
"publicKey":"",
"privateKeyLabel":"domain.key",
"privateKey":"",
"mappings":[
{
"inputUri":"/{app}/",
"appName":"{app}",
"appUri":"/",
"upstreamProtocol":"http"
}
],
"privateKeyDigest":"",
"publicKeyDigest":"",
"publicKeyCN":"domain",
"publicKeySANs":[
],
"clientCertCN":"domain",
"clientCertDigest":"",
"revocationList":"",
"revocationListLabel":null,
"clientCert":"",
"clientCertLabel":"label.pem"
}
},
{
"op":"replace",
"path":"/sslEndpoints/1/mappings",
"value":[
(...)
]
},
{
"op":"replace",
"path":"/doubleStaticIps",
"value":false
}
]
I hope this helps.
hey @ccortinhas-pmi,
I'm happy to announce that the version v1.5.4 is published with plenty of enhancement for DLB.
Thank you for using this tool.
Using provider v1.5.2 we are deploying multiple DLBs with certificates. However we noticed that it is not possible to set a Client Certificate, for example of a trusted CA to verify client certificates.
A close case to ours is explained here.
Notice the second screen in particular and the client certificate:
We had success in setting the SSL/TLS certificate via terraform, but we also need to apply a client certificate, and it seems that anypoint provider v1.5.2 didn't support that yet.
Can you implement this feature please? It's one of the few mandatory manual steps that's stopping us from fully automating our Mulesoft infrastructure.