Change of Private Key on API Gateway
search cancel

Change of Private Key on API Gateway


Article ID: 236404


Updated On:


CA API Gateway


The Private Key on API Gateway is used for signing messages and is configured in the policies. The Public Certificate is shared with the consuming applications for verifying the signature. This certificate is due for expiry. Please provide steps to renew the Private Key on API Gateway without changing the alias name. The alias name must remain the same as it is referred in multiple policies and needs reconfiguration if we modify the alias.


API Gateway 10.0


Perform the following steps:

1. Take a snapshot of the Gateway
2. Delete the current key 
3. Import the new key (with the same alias) 

NOTE: If this is being done in a clustered environment, all nodes must be restarted.

Policies/services will not be disrupted as long as the alias is still the same.