Disconnection from Policy Manager

book

Article ID: 131354

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

Shortly after connecting to the API Gateway, you are kicked out of the connection with the following error: 

"The SSL/TLS handshake with the Gateway has failed: Path does not chain with any of the trust anchors."

Cause

The issue is that the same policy manager was being used to connect to two different API gateway clusters that had the same CN value for the default SSL certificate. The CN was the same between the two clusters but the serial number didn't match. The Policy manager only has one trust store and can only hold one certificate per CN.

Environment

Release:
Component: APIGTW

Resolution

You can:

1) Use the same default SSL certificate chain between the two clusters if desired
2) After the error occurs, reconnect again to the same server but expect the issue to occur when you attempt to connect to the other cluster. 
3) Use different workstations to connect to each environment