How to configure ssl for API in kong

Question

I'm working on kong 0.13.1. Following the docs I added certificate as follows:

{
    "data": [
        {
            "cert": "certificate is really here", 
            "created_at": 1529667116000, 
            "id": "6ae77f49-a13f-45b1-a370-8d53b35d7bfd", 
            "key": "The key is really here", 
            "snis": [
                "myapp.local", 
                "mockbin.myapp.local"
            ]
        }
    ], 
    "total": 1
}

Then added an API which works perfectly well with http:

{
    "data": [
        {
            "created_at": 1529590900803, 
            "hosts": [
                "mockbin.myapp.local"
            ], 
            "http_if_terminated": false, 
            "https_only": false, 
            "id": "216c23c5-a1ae-4bef-870b-9c278113f8f8", 
            "name": "mockbin", 
            "preserve_host": false, 
            "retries": 5, 
            "strip_uri": true, 
            "upstream_connect_timeout": 60000, 
            "upstream_read_timeout": 60000, 
            "upstream_send_timeout": 60000, 
            "upstream_url": "http://localhost:3000"
        }
    ], 
    "total": 1
}

But unfortunately Kong keeps sending me a default cert located in /usr/local/kong/ssl/kong-default.crt

I'm testing it with:

openssl s_client -connect localhost:8443/products -host mockbin.myapp.local -debug

Back in the days there was a dynamic ssl plugin (where api ssl was added with version 0.3.0) but it's gone since 0.10 update.

I know that it's kinda fix my ~~code~~ configuration question but possibly someone else might also run into similar issue.

Luke · Accepted Answer

I spent some time on figuring it out but I didn't manage to fix it. As kong docs say, api is deprecated so I ended up with rewriting everything to routes and services and I advise you to do the same. Routes and services work perfectly well when implementing step by step based on docs.

How to configure ssl for API in kong

Answers (2)

Related Questions