ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Issue with enabling SSL based socket Port via ExtensibleSocketConnectorAssertion-1.0.0 Modular Assertion on API Gateway

book

Article ID: 200440

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

Issue: When add a socket port for inbound direction by setting SSL enabled configuration, the port is not coming in listening mode. While the same configuration is working on another environment.

Assertion: ExtensibleSocketConnectorAssertion-1.0.0

 

Cause

From the ssg log, there is "missing provider" error,

WARNING 50 com.l7tech.external.assertions.extensiblesocketconnectorassertion.server.SocketConnectorManager: Error starting connector: java.lang.IllegalArgumentException: missing provider

Check the system.properties file, there is a line,

com.l7tech.common.security.jceProviderEngineName=bc

 

This property will replace the default java provider and the ExtensibleSocketConnector Assertion has problem to work with "Bouncy Castle" provider. 

Environment

Release : 9.4

Component : API GATEWAY

Resolution

Comment out the line of com.l7tech.common.security.jceProviderEngineName in system.properties file and restart the gateway on all the nodes.