API Developer Portal: Enrollment Fails on API Gateway

book

Article ID: 8668

calendar_today

Updated On:

Products

CA API Developer Portal CA API Gateway

Issue/Introduction

When attempting to to enroll the API Gateway cluster with API Portal from the task menu, the resulting error is:

"Unable to enroll: RESTMAN failed with result=<class com.l7tech.policy.assertion.AssertionStatus: 0=FINE:No Error> httpStatus=409: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>" 

The actual reason for the failure can be found in the SSG log on gateway:

WARNING 35 com.l7tech.external.assertions.gatewaymanagement.server.ServerRESTGatewayManagementAssertion: 9050: Error processing management request: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> 

<l7:Item xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management"> 

... 

<l7:Mapping action="NewOrExisting" errorType="TargetNotFound" srcId="00000000000000000000000000000002:SSL" type="SSG_KEY_ENTRY"> 

<l7:Properties> 

<l7:Property key="ErrorMessage"> 

<l7:StringValue>Could not locate entity: Fail on new specified and could not locate existing target. Source Entity: EntityHeader. Name=null, id=00000000000000000000000000000002:SSL, description=null, type = SSG_KEY_ENTRY</l7:StringValue> 

</l7:Property> 

<l7:Property key="FailOnNew"> 

<l7:BooleanValue>true</l7:BooleanValue> 

</l7:Property> 

</l7:Properties> 

</l7:Mapping> 




Environment

CA API Gateway 9.x appliance CA API Portal 4.x

Resolution

The resolution is to ensure the default private key on the API Gateway tenant has an alias of "ssl" 

The application is expecting a default private key with an alias of "ssl". If the key does not exist, please recreate one and confirm that entity exists by running https://<SSG_URL>:8443/restman/1.0/privateKeys 

 

 

Additional Information

Occasionally, after the original error is resolved, the following error may occur:

The original error may still occur in the Policy Manager but there is a different error in SSG log:

 

/l7:Mapping>

<l7:Mapping action="NewOrExisting" errorType="TargetNotFound" srcId="f7b0867f9dd395f4d60fd722248300d7" type="ENCAPSULATED_ASSERTION">

<l7:Properties>

<l7:Property key="ErrorMessage">

<l7:StringValue>Could not locate entity: Fail on new specified and could not locate existing target. Source Entity: EntityHeader. Name=Portal API Key Sync, id=f7b0867f9dd395f4d60fd722248300d7, description=null, type = ENCAPSULATED_ASSERTION</l7:StringValue>

</l7:Property>

<l7:Property key="FailOnNew">

<l7:BooleanValue>true</l7:BooleanValue>

</l7:Property>

<l7:Property key="MapBy">

<l7:StringValue>name</l7:StringValue>

</l7:Property>

</l7:Properties>

</l7:Mapping> 

 

This secondary issue is a result of not installing the "Shared Portal Components" during the OTK solution kit installation.