Gateway published API not syncing with the portal
search cancel

Gateway published API not syncing with the portal


Article ID: 254250


Updated On:


CA API Developer Portal


The newly created APIs in Gateway with the "Set as Portal Managed Service" setting do not show up in the Portal UI. The portal sync job shows successful but the API count did not increase.

The Gateway log also shows this SSL connection error for the Portal's broker container:

2022-11-11T00:28:23.730+0530 INFO    145 com.l7tech.server.service.ServiceCache: Created/Updated/Deleted: [c4c67bc31cfb43f68294bc82efbe24e8]
2022-11-11T00:28:41.748+0530 INFO    1317 com.l7tech.external.assertions.portaldeployer.server.client.PortalDeployerClient: Attempting to reconnect to broker [wss://]
2022-11-11T00:28:41.759+0530 SEVERE  1325 com.l7tech.external.assertions.portaldeployer.server.client.PortalDeployerClient: Failed connecting to Broker: wss://
MqttException (0) - Remote host terminated the handshake
        at org.eclipse.paho.client.mqttv3.internal.ExceptionHelper.createMqttException(
        at org.eclipse.paho.client.mqttv3.internal.ClientComms$
Caused by: Remote host terminated the handshake
        at org.eclipse.paho.client.mqttv3.internal.websocket.WebSocketSecureNetworkModule.start(
        at org.eclipse.paho.client.mqttv3.internal.ClientComms$
        ... 1 more
Caused by: SSL peer shut down incorrectly
        ... 6 more


Release : 4.5 5.0.X


The MAG license in the Portal's in-built Gateway (Ingress/APIM container) expired.


To confirm this issue is caused by the license expiration, connect a 9.4 version of the policy manager to the portal APIM container:

  • Run this command to get the Gateway admin password (Ingress/apim container)
    • docker inspect $(docker ps --filter name=portal_apim -q) | grep -e TSSG_PUBLIC_HOST -e SSG_ADMIN_PASSWORD -e SSG_ADMIN_USERNAME
  • Using a 9.4 version of the policy manager, connect to the apim-ssg host of the portal. Example: apim-ssg.hostname:9443 (you must use 9443)
  • Use admin and the password from the above docker inspect command to connect
  • You will see a notification about an expired license
  • Here is a copy of the expired license

If you see this expired license, then you can add the attached license. Please make sure not to remove the expired license.

After these steps on portal 5.0.x it may be needed to restart the deployer service on the proxy gateway's  if this is a cluster it needs to be done on all nodes see the following section in the docs.

Additional Information

  • This is a workaround for the Portal 4.5 version
  • This issue is fixed in Portal version
  • The new license will not be there if the portal is restarted; so you need to add the license every time the portal restarts
  • DO NOT remove the old license 


1668448853835__Layer7 Internal_1715135477960984800_SSG_MOB_9.xml get_app