Typically, the Gateway will throw these errors when it is unable to access the encrypted software keystore contained within MySQL. This access is regulated using the cluster passphrase.

This cluster passphrase is maintained within the /opt/SecureSpan/Gateway/node/default/etc/conf/node.properties file. It is an encrypted value contained in the node.cluster.pass property.

All supported versions of the API Gateway

In order to resolve this issue, you must first provide the correct cluster passphrase in the node.cluster.pass property as a cleartext string. Then, restart the Gateway service. To do the following:

1. Log into the Gateway as the ssgconfig user
2. Select Option 3: Use a privileged shell (root)
3. Open the node.properties file for editing

4. Remove the value of node.cluster.pass
5. Replace with the cleartext cluster passphrase
6. Save the file
7. Restart the Gateway service

At this point, the Gateway will either fail to start or start successfully.

Gateway Successfully Starts

If the Gateway starts successfully, you will need to force the Gateway to re-encrypt the cluster passphrase, or else it will continue to use a cleartext passphrase in the node.properties file. To do so, exit the privileged shell and return to the ssgconfig menu and do the following:

1. Select Option 2: Display Layer 7 Gateway configuration menu
2. Select Option 4: Change the Master Passphrase
3. Provide the current passphrase
4. Provide the cluster passphrase you wish to use

1. Confirm the cluster passphrase
2. Select Option 7: Manage Layer 7 Gateway status
3. Select Option 2: Restart the Layer 7 Gateway

At this point, you can access the privileged shell, open the node.properties file, and confirm that the node.cluster.pass value has been encoded and encrypted.

Gateway Fails to Start

If the Gateway fails to start after manually setting the cluster passphrase in node.properties then the cluster passphrase provided is incorrect. Because this is an encrypted value, there is not a method of retrieving this password post upgrade or migration. If a backup of the Gateway was taken before upgrading or migrating, it is possible that the cluster passphrase can be restored. If you have this backup, please contact Layer 7 Support by opening a new support request specifying "Lost Cluster Passphrase" in the Subject area.