"Trusted Server Certificates" of "Route Via Http (s)" does not work properly.

book

Article ID: 104011

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

When using the "Route Via HTTP(S) Assertion" and selecting an unrelated certificate the backend service connection succeeds without error. The expected behavior is that this connection would fail.


Cause

It is a bug.

Environment

CA API Gateway - 9.3(or lower)

Resolution

This is happening because  Global Root CA imported into the Gateway and is marked as Trust Anchor. 
The workaround is to unmark Global Root as a Trust Anchor or just remove the Global Root CA certificate from the Trusted Certificates.

CA will provide the fix in the next release 9.4.

 

Attachments

1558695473105000104011_sktwi1f5rjvs16i5x.png get_app