Layer7 API Management

  • Private Community

  • 1.  Reintegrating API Gateway and Portal

    Posted Jun 05, 2017 11:29 AM

    Hello sir,

     

     

    We have gateway 9.2 and Portal 3.5 in the UAT Environment. We have successfully integrated the gateway and portal with their hostnames. We have made certificated of their hostnames and integrated using them.
    The issue is Now the Gateway and Portal are published on the Internet so their domain name and IP has been changed according to the load balancer.
    So is it possible to integrate portal and the gateway again with the new domain name certificates?Please help!!

     

    Thanks!!



  • 2.  Re: Reintegrating API Gateway and Portal

    Posted Jun 05, 2017 03:47 PM

    Irfan,

    Is the integration now broken? Please let us know the problem after the domain has been changed.



  • 3.  Re: Reintegrating API Gateway and Portal

    Posted Jun 05, 2017 09:49 PM

    My understanding is that the integration would fail once you change the hostnames, i think you have to go through the whole processing of setting up mutual ssl between gateway and portal.



  • 4.  Re: Reintegrating API Gateway and Portal

    Posted Jun 06, 2017 05:52 AM

    Dear sir,

     

    As we have made certificates on the cn =hostname and integrated with it the portal. So how can I reimport new certificates with the new domain name in the portal, and what all changes to be made in the gateway and portal?

     

    Thank you!!!



  • 5.  Re: Reintegrating API Gateway and Portal

    Posted Jun 07, 2017 01:08 AM

    you would import the new cert and key to /home/ssgconfig and you would have run the script as you did the first time



  • 6.  Re: Reintegrating API Gateway and Portal

    Broadcom Employee
    Posted Jun 08, 2017 12:41 AM

    Dear irfan.mugale ,

    It may be a bit late, you don't have to change the hostname if you have a load balancer/reverse proxy in front of your portal/gateway.

     

    Regards,

    Mark



  • 7.  Re: Reintegrating API Gateway and Portal

    Posted Jun 19, 2017 03:58 AM

    Now we have just configured the API Gateway and Portal with a new domain and everything is working fine.

    As we have configured the API Gateway and API Portal with a self-signed certificate the Client is now providing us with a CA-Signed certificate for both API gateway and portal.

    SO Please help me on how we can now replace the old self-signed certificate with the new CA Signed for API gateway and portal. Do we need to do gateway and portal integration again?



  • 8.  Re: Reintegrating API Gateway and Portal

    Broadcom Employee
    Posted Jun 26, 2017 01:26 AM

    Hello irfan.mugale ,

    If you change the private key of gateway and portal, yes, you need to redo the integration between portal and gateway.

    for gateway,

    you need to import the new private key, and mark it as default ssl key (Set a Default SSL or CA Private Key - CA API Gateway - 9.2 - CA Technologies Documentation )

    for portal,

    if you want to enable SSL with the new private key, Configure SSL for the API Portal - CA API Developer Portal - 3.5 - CA Technologies Documentation 

    for redo integration,

    on portal, you install the new portal private key and new gateway public key, on gateway, you need to import new portal public key, and create new user associated to the portal public key (user name = portal public key CN)

     

    If you have any problem, you're welcome to open a support ticket.

     

    Regards,

    Mark



  • 9.  Re: Reintegrating API Gateway and Portal

    Posted Jun 26, 2017 02:26 PM

    Hello,

     

    Thank you for your kind help!!!!!