Route failing for Restman target
search cancel

Route failing for Restman target

book

Article ID: 256735

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The objective is to retrieve a certificate that is soon to expire via a policy assertion. There was an attempt to grab the subject name from the resource under REST management (https://<gateway hostname>:8443/restman/1.0/trustedCertificates). When passing the correct credentials within the route, there is an "Authenticated Fail" message. Why is this occurring?

mainpart = {String} "<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Body>
        <soapenv:Fault>
            <faultcode>soapenv:Server</faultcode>
            <faultstring>Policy Falsified</faultstring>
            <faultactor>https://<hostname>:8443/restman/1.0/trustedCertificates</faultactor>
            <detail>
                <l7:policyResult status="Authentication Failed" xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
            </detail>
        </soapenv:Fault>
    </soapenv:Body>
</soapenv:Envelope>

 

Environment

API Gateway 10.1

Cause

The RESTMAN service is called from their route on the same Gateway.  The Authorization Header is set with the expected value however when the request routes to the RESTMAN service the assertions that is satisfied is the “Required SSL or TLS Transport with Client Certificate Authentication” assertions this fails authentication 

Resolution

Workaround: Choose "Use no private key" option for Route Assertion to get a response using https://${gateway.cluster.hostname}:8443

Right-click on the route to Select Private Key option 

 

Switch by clicking  "Use no private key"