Layer7 API Management

  • 1.  Alias issue for private key import

    Posted Apr 22, 2019 06:31 PM

    Hello,

    I am trying to import private key using Restman API and it is asking for the alias name even though it is optional. Can someone please point me any issue with my config? below is the info I'm using from postman

    URL: https://hostname:9443/restman/1.0/privateKeys/00000000000000000000000000000002:apigw/import 

    headers: Content-Type: application/xml

    Authorization: Basic base64(username:password)

    Request Body:

    <l7:PrivateKeyImportContext xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Pkcs12Data>base64(pkcs12)</l7:Pkcs12Data>
    <l7:Password>Password123!</l7:Password>
    </l7:PrivateKeyImportContext>

    Response: 

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Type>InvalidResource</l7:Type>
    <l7:TimeStamp>2019-04-22T17:20:26.189-05:00</l7:TimeStamp>
    <l7:Link rel="self" uri="https://hostname:9443/restman/1.0/privateKeys/00000000000000000000000000000002:apigw/import"/>
    <l7:Detail>Resource validation failed due to 'INVALID_VALUES' Alias must be specified : [string]</l7:Detail>
    </l7:Error>

     

    I tried to use the same alias name given in the URI in request body to workaround this and got another error that alias not found. Below is the info I'm using for this call from postman.

    URL: https://hostname:9443/restman/1.0/privateKeys/00000000000000000000000000000002:apigw/import 

    headers: Content-Type: application/xml

    Authorization: Basic base64(username:password)

    Request Body:

    <l7:PrivateKeyImportContext xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Pkcs12Data>base64(pkcs12)</l7:Pkcs12Data>
    <l7:Alias>apigw</l7:Alias>
    <l7:Password>Password123!</l7:Password>
    </l7:PrivateKeyImportContext>

    Response: 

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Type>InvalidResource</l7:Type>
    <l7:TimeStamp>2019-04-22T17:27:02.547-05:00</l7:TimeStamp>
    <l7:Link rel="self" uri="https://hostname:9443/restman/1.0/privateKeys/00000000000000000000000000000002:apigw/import"/>
    <l7:Detail>Resource validation failed due to 'INVALID_VALUES' Aliases not found : apigw</l7:Detail>
    </l7:Error>

     

    Any help is appreciated! Thank you!



  • 2.  Re: Alias issue for private key import

    Broadcom Employee
    Posted Apr 23, 2019 11:00 AM

    Hi,

     

    If the alias is not specified it will be created from the DN in the key .

    Does the <l7:Pkcs12Data>base64(pkcs12)</l7:Pkcs12Data> contains a valid key ?

     

    Dirk



  • 3.  Re: Alias issue for private key import

    Posted Apr 23, 2019 11:22 AM

    Thank you for your response Dirk! It appears that it is not pulling alias name from DN.

    I think my pkcs12Data is valid. Just to confirm, I exported an existing Key and tried to import using a new alias name and gets same error message that "Resource validation failed due to 'INVALID_VALUES' Aliases not found : apigw"

     

    Please let me know if I'm doing anything wrong.



  • 4.  Re: Alias issue for private key import

    Broadcom Employee
    Posted May 02, 2019 05:02 AM

    Hi  

     

    I just tried this and it works fine for me if i export a key and then import it again with another alias in policy manager.

    Trying the same with restman it seems to work when you leave out the <l7:Alias>apigw</l7:Alias> from the request body  .

     

    if this also fails i would suggest to raise a support case so we can have a closer look

     

    Dirk