ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unavailable Hardware Security Module (HSM) Can Prevent the CA API Gateway from Starting


Article ID: 7938


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


The CA API Gateway will not return to a functional state, after a server restart, if the HSM module is unavailable. This can be verified by the API Gateway's inability to process traffic and/or the following errors present in the SSG log:

2017-08-22T13:29:01.564-0500 WARNING 1 STDERR: at com.l7tech.util.DefaultMasterPasswordFinder.findMasterPasswordBytes( 
2017-08-22T13:29:01.570-0500 WARNING 1 STDERR: at com.l7tech.util.L7C2SecretEncryptor.decryptPassword( 
2017-08-22T13:29:01.575-0500 WARNING 1 STDERR: at com.l7tech.util.MasterPasswordManager.decryptPasswordIfEncrypted( 
2017-08-22T13:29:01.581-0500 WARNING 1 STDERR: at com.l7tech.server.util.PropertiesDecryptor.decryptEncryptedPasswords( 
2017-08-22T13:29:01.586-0500 WARNING 1 STDERR: at com.l7tech.server.util.PasswordDecryptingPropertiesFactoryBean.mergeProperties( 
2017-08-22T13:29:01.592-0500 WARNING 1 STDERR: at org.springframework.beans.factory.config.PropertiesFactoryBean.createInstance( 
2017-08-22T13:29:01.597-0500 WARNING 1 STDERR: at org.springframework.beans.factory.config.PropertiesFactoryBean.createProperties( 
2017-08-22T13:29:01.603-0500 WARNING 1 STDERR: at org.springframework.beans.factory.config.PropertiesFactoryBean.afterPropertiesSet( 
2017-08-22T13:29:01.608-0500 WARNING 1 STDERR: at$ 
2017-08-22T13:29:01.614-0500 WARNING 1 STDERR: at Method) 
2017-08-22T13:29:01.619-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.625-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.631-0500 WARNING 1 STDERR: ... 31 more 
2017-08-22T13:29:01.636-0500 WARNING 1 STDERR: Caused by: com.ncipher.provider.nCRuntimeException: error (st=ServerNotRunning) : NFKM_getinfo 
2017-08-22T13:29:01.642-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.647-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.653-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.658-0500 WARNING 1 STDERR: at com.l7tech.util.KeyStorePrivateKeyMasterPasswordFinder.createDecryptionBag( 
2017-08-22T13:29:01.664-0500 WARNING 1 STDERR: at com.l7tech.util.KeyStorePrivateKeyMasterPasswordFinder.findMasterPasswordBytes( 
2017-08-22T13:29:01.669-0500 WARNING 1 STDERR: at com.l7tech.util.DefaultMasterPasswordFinder.findMasterPasswordBytes( 
2017-08-22T13:29:01.675-0500 WARNING 1 STDERR: ... 42 more 
2017-08-22T13:29:01.680-0500 WARNING 1 STDERR: Caused by: error (st=ServerNotRunning) : NFKM_getinfo 
2017-08-22T13:29:01.688-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.693-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.699-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.705-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.710-0500 WARNING 1 STDERR: at 
2017-08-22T13:29:01.716-0500 WARNING 1 STDERR: at 

**** Unable to start the server: Error starting server : Error creating bean with name 'org.springframework.beans.factory.config.PropertyOverrideConfigurer#0' defined in class path resource [com/l7tech/server/resources/dataAccessContext.xml]: Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'hibernateProperties' defined in class path resource [com/l7tech/server/resources/dataAccessContext.xml]: Invocation of init method failed; nested exception is java.lang.RuntimeException: Unable to instantiate master password finder with File arg: error (st=ServerNotRunning) : NFKM_getinfo


This impacts any API Gateway appliances with a Hardware Security Module (HSM) attached.


If a Hardware Security Module (HSM) is installed on the Gateway, verify the module is physically secure, running, and configured per the product documentation.

Additional Information