Broadcom API Portal: Unable to retrieve bearer token through PAPI - error "Failed to Fetch" when Portal uses a self-signed certificate
search cancel

Broadcom API Portal: Unable to retrieve bearer token through PAPI - error "Failed to Fetch" when Portal uses a self-signed certificate

book

Article ID: 407234

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

Previously, the customer was able to authorise and retrieve a bearer token via PAPI in an API Portal 5.3.x.

However, recently they have been experiencing an authentication issue that leads to the error Failed to Fetch 

Environment

API Portal 5.3.x

Cause

Further troubleshooting shows that the browser (Chrome in this case) generates a network error when using a self-signed certificate.

This can be verified within Chrome's DevTools under the Console tab

This is an expected behaviour and not an issue with our product. 

A browser considers a self-signed certificate a security risk since no known CA Authority was used to sign the certificate.

 

Resolution

The recommended solution is to use a signed certificate with Portal (this is a must in production).

Create and Sign Certificates for Production

However, if that is not an option or the Portal is not a production system, the customer can use a workaround, forcing Chrome to trust the self-signed certificate by accepting the risks of using a self-signed certificate. 

To do so:

  1. Copy the full URL that is hitting the ERR_CERT_AUTHORITY_INVALID error.
  2. Paste and open the URL in a new Chrome tab or page.
  3. Accept the risk and trust the certificate
  4. Back to the API Portal and re-try to retrieve a token
Powered by Wolken Software