API Gateway: GMU Migration Issue With Sensitive Data

book

Article ID: 185798

calendar_today

Updated On:

Products

CA API Gateway API SECURITY STARTER PACK-7

Issue/Introduction

We are facing issues during our migration from a lower environment to higher environment through GMU:

Warning: TLS hostname verification has been disabled

Warning: TLS server certificate check has been disabled

Execution failed. Reason: Migrate in failed: Bad Request Resource validation failed due to 'INVALID_VALUES' Invalid private key data


We are migrating services, cluster-wide properties, private keys, and secured passwords.

Environment

API Gateway: 9.4

Resolution

The clusterPassphrase in the common arguments file, used on the source gateway (to do a migrateOut) MUST MATCH the clusterPassphrase in the common arguments file used on the target gateway (to do a migrateIn). Otherwise, you won't be able to decrypt the encrypted sensitive data in the imported bundle.