CA API Gateway CA Single Sign On SDK installation for Container Form-Factor
search cancel

CA API Gateway CA Single Sign On SDK installation for Container Form-Factor

book

Article ID: 248818

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Running the Container Gateway you may see this error if you attempt to use the CA Single Sign-On SDK integration from the Policy Manager.

Cannot Find CA Single Sign-On SDK!

Environment

Release : 10.1 11.x  Container Gateway

 

Cause

The CA Single Sign-On SDK is disabled by default on the container form-factor of the Gateway

Resolution

Please see this section in the  documentation to enable the CA Single Sign-On SDK on the container Gateway

Environment Variables for the Container Gateway

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/congw11-1/install-configure-upgrade/configuring-the-container-gateway/environment-variables-for-the-container-gateway.html

Use Dcom.l7tech.server.siteminder.enabled=true

 

You can add this setting to the  javaArgs: of the helm chart  see example below 

config:
  # Heap Size should be a percentage of the memory configured in resource limits
  # by default it is 50% - you should not go above 75%
  heapSize: "2g"
  javaArgs:
    - -Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
    - -Dcom.l7tech.server.audit.message.saveToInternal=false
    - -Dcom.l7tech.server.audit.admin.saveToInternal=false
    - -Dcom.l7tech.server.audit.system.saveToInternal=false
    - -Dcom.l7tech.server.audit.log.format=json
    - -Djava.util.logging.config.file=/opt/SecureSpan/Gateway/node/default/etc/conf/log-override.properties
    - -Dcom.l7tech.server.pkix.useDefaultTrustAnchors=true
    - -Dcom.l7tech.security.ssl.hostAllowWildcard=false
    - -Dcom.l7tech.server.siteminder.enabled=true

  log:
    override: true

Powered by Wolken Software