Changing the deployed policy mode
You can change the type of policy deployed from flow hook to flow callout, or flow callout to flow hook using the PingIntelligence policy tool.
About this task
Using the following steps, you can also change the use of security certificate from self-signed to certificate authority (CA)-signed, or from CA-signed to self-signed. |
To change the type of policy:
Steps
-
To undeploy the deployed policy, run one of the following commands based on the policy and certificate used:
Choose from:
-
Undeploy a Flow Hook policy using a self-signed certificate.
/opt/pingidentity/pi/apigee/bin/undeploy.sh -fh Checking Apigee connectivity Apigee connectivity ... success Undeploying PI Apigee policy Flow Hook 1) Preproxy hook status ... undeployed 2) Postproxy hook status ... undeployed 3) Request policy undeployment status ... undeployed 4) Response policy undeployment status ... undeployed 5) Request policy deleting status ... deleted 6) Response policy deleting status ... deleted 7) PingIntelligence-Encrypted-Config-KVM status ... not-applicable 8) PingIntelligence-Config-KVM status ... not-applicable 9) ASE Primary target server status ... undeployed 10) ASE Secondary target server status ... undeployed 11) Truststore status ... undeployed 12) Cache status ... undeployed Undeployment of PI Policy finished successfully
-
Undeploy a Flow Hook policy using a CA-signed certificate.
opt/pingidentity/pi/apigee/bin/deploy.sh -fh -ca Checking Apigee connectivity Apigee connectivity ... success Undeploying PI Apigee policy Flow Hook 1) Preproxy hook status ... undeployed 2) Postproxy hook status ... undeployed 3) Request policy undeployment status ... undeployed 4) Response policy undeployment status ... undeployed 5) Request policy deleting status ... deleted 6) Response policy deleting status ... deleted 7) PingIntelligence-Encrypted-Config-KVM status ... not-applicable 8) PingIntelligence-Config-KVM status ... not-applicable 9) ASE Primary target server status ... undeployed 10) ASE Secondary target server status ... undeployed 11) Truststore status ... not-applicable - running using CA signed certificate 12) Cache status ... undeployed Undeployment of PI Policy finished successfully
-
Undeploy a Flow Callout policy using a self-signed certificate.
/opt/pingidentity/pi/apigee/bin/undeploy.sh -fc Checking Apigee connectivity Apigee connectivity ... success Undeploying PI Apigee policy Flow Call Out 1) Preproxy hook status ... undeployed 2) Postproxy hook status ... undeployed 3) Request policy undeployment status ... undeployed 4) Response policy undeployment status ... undeployed 5) Request policy deleting status ... deleted 6) Response policy deleting status ... deleted 7) PingIntelligence-Encrypted-Config-KVM status ... not-applicable 8) PingIntelligence-Config-KVM status ... not-applicable 9) ASE Primary target server status ... undeployed 10) ASE Secondary target server status ... undeployed 11) Truststore status ... undeployed 12) Cache status ... undeployed Undeployment of PI Policy finished successfully
-
Undeploy a Flow Callout policy using a CA-signed certificate.
opt/pingidentity/pi/apigee/bin/deploy.sh -fc -ca Checking Apigee connectivity Apigee connectivity ... success Undeploying PI Apigee policy Flow Call Out 1) Preproxy hook status ... undeployed 2) Postproxy hook status ... undeployed 3) Request policy undeployment status ... undeployed 4) Response policy undeployment status ... undeployed 5) Request policy deleting status ... deleted 6) Response policy deleting status ... deleted 7) PingIntelligence-Encrypted-Config-KVM status ... not-applicable 8) PingIntelligence-Config-KVM status ... not-applicable 9) ASE Primary target server status ... undeployed 10) ASE Secondary target server status ... undeployed 11) Truststore status ... not-applicable - running using CA signed certificate 12) Cache status ... undeployed Undeployment of PI Policy finished successfully
-
Next steps
To deploy the other policy, see Flow Hook or Flow Call Out.