When attempting to to enroll the API Gateway cluster with API Portal from the task menu, the resulting error is:
"Unable to enroll: RESTMAN failed with result=<class com.l7tech.policy.assertion.AssertionStatus: 0=FINE:No Error> httpStatus=409: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>"
The actual reason for the failure can be found in the SSG log on gateway:
WARNING 35 com.l7tech.external.assertions.gatewaymanagement.server.ServerRESTGatewayManagementAssertion: 9050: Error processing management request: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<l7:Item xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
...
<l7:Mapping action="NewOrExisting" errorType="TargetNotFound" srcId="00000000000000000000000000000002:SSL" type="SSG_KEY_ENTRY">
<l7:Properties>
<l7:Property key="ErrorMessage">
<l7:StringValue>Could not locate entity: Fail on new specified and could not locate existing target. Source Entity: EntityHeader. Name=null, id=00000000000000000000000000000002:SSL, description=null, type = SSG_KEY_ENTRY</l7:StringValue>
</l7:Property>
<l7:Property key="FailOnNew">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
</l7:Properties>
</l7:Mapping>
CA API Gateway 9.x appliance CA API Portal 4.x
The resolution is to ensure the default private key on the API Gateway tenant has an alias of "ssl"
The application is expecting a default private key with an alias of "ssl". If the key does not exist, please create one and confirm that entity exists by running https://<SSG_URL>:8443/restman/1.0/privateKeys
Occasionally, after the original error is resolved, the following error may occur:
The original error may still occur in the Policy Manager but there is a different error in SSG log:
/l7:Mapping>
<l7:Mapping action="NewOrExisting" errorType="TargetNotFound" srcId="f7b0867f9dd395f4d60fd722248300d7" type="ENCAPSULATED_ASSERTION">
<l7:Properties>
<l7:Property key="ErrorMessage">
<l7:StringValue>Could not locate entity: Fail on new specified and could not locate existing target. Source Entity: EntityHeader. Name=Portal API Key Sync, id=f7b0867f9dd395f4d60fd722248300d7, description=null, type = ENCAPSULATED_ASSERTION</l7:StringValue>
</l7:Property>
<l7:Property key="FailOnNew">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="MapBy">
<l7:StringValue>name</l7:StringValue>
</l7:Property>
</l7:Properties>
</l7:Mapping>
This secondary issue is a result of not installing the "Shared Portal Components" during the OTK solution kit installation.