Layer7 API Management

Hi CA Community,

I am trying to install the CA API Developer Portal and I have an error during the installation.

When I am trying to reload the Apache HTTPD configuration - 3) Configure Apache httpd.conf   >   4) Reload Apache HTTPD Configuration

I have this message :

Error: Reloading httpd: not reloading due to configuration syntax error [FAILED]

I didn't find more information in the logs.

When I am trying to access to this address : http://<portal_hostname_or_IP>/admin

it doesn't work and in the file catalina.out, I found this line :

Caused by: java.security.UnrecoverableKeyException: Get Key failed: null

I don't know where the problem come from because I didn't have an error when adding all the certificates and keys.

Thank you for your help !

Hello chovine,

I believe this error came after configuring SSL for API Portal. Correct? If so can you please check if your /etc/httpd/conf/httpd.conf file shows exactly below

ProxyPass / http://localhost:37080/

ProxyPassReverse / http://<your API Portal Hostname>/

ProxyPreserveHost on

Thank you!

Hi Sravankanumuri,

Thank you for your answer.

I have none of this line in the /etc/httpd/conf/httpd.conf file.

Should I add them ? And where, please ?

Best regards

Hello chovine,

It should be there usually around middle of the file. But if you think something is corrupted. I would recommend to open a ticket with CA Support.

Thank you!

Hi,

it's due to the syntax error in httpd.cnf, if you have a backup, you can roll back and then follow the portal document to modify httpd.cnf again.

Regards,

Mark

Hi Zhijun,

I asked to reinstall HTTPD on my server and I had a new error which was that the conf doesn't find the key localhost.key in the file /etc/pki/tls/private/localhost.key

I took the liberty to rename the key of my portal and place it in the folder.

The service HTTPD starts now.

But I still have a problem to connect to the portal ath this adress : http://<your API Portal Hostname>/

I think it can be a problem about the SSL Mutual Authentification with the Gateway but I don't know.

Do you have an idea where I can find some logs to explain my problem with more details ?

Thank you very much !

Dear chovine,

Are you able now to use the portal via its https interface ?

Could you be more precise with your current troubles ?

Hi Chovine,

the default httpd log should locate at /var/log/httpd

I'm a bit confuse what you're trying to do, are you trying to configure SSL for api portal? or just access the portal via http?

for http, you can access portal via http://hostname:37080, or configure reverse proxy for httpd

ProxyPass / http://localhost:37080/

ProxyPassReverse / http://localhost:37080/

ProxyPreserveHost on

ensure module mod_proxy is loaded,

LoadModule proxy_module modules/mod_proxy.so

for https, please refer to

Configure SSL for the API Portal - CA API Developer Portal - 3.5 - CA Technologies Documentation

and the reverse proxy settings will look like,

ProxyPass / http://<your API Portal Hostname>:37080/

ProxyPassReverse / http://<your API Portal Hostname>:37080/

ProxyPassReverse / http://<your API Portal Hostname>/

ProxyPreserveHost on

NOTE the 3rd line, it's the step 7 in the above document

additional steps (required)

9. Add the following lines to /opt/Deployments/lrs/server/webapps/jforum/WEB-INF/config/jforum-custom.conf

redirect.absolute.paths=true

redirect.base.url=https://<your API Portal Hostname>

10. Search the keyword "http" in following files,

/opt/Deployments/lrs/server/webapps/jforum/WEB-INF/config/jforum-custom.conf

/opt/Deployments/lrs/server/webapps/ROOT/site-configuration.xml

And replace all of http to https.

11. (optional) comment out Listen 80 in httpd.conf

Hi Zhijun He,

I am just following this procedure, so I just try to access to the Portal via http :

Install and Configure CA API Developer Portal (Software) - CA API Developer Portal - 3.5 - CA Technologies Documentation

And then :

Get Started Using the API Portal - CA API Developer Portal - 3.5 - CA Technologies Documentation

After doing all the steps, with no errors, I simply access to this address : http://<portal_hostname_or_IP>/admin, give the default credentials and I doesn't work.

When I look in the file catalina.out, I have the following error :

ERROR (SimpleThreadPoolWorker-2:) - [APIListXS general] -- java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

        at javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:248)

        at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:255)

        at sun.net.www.protocol.https.HttpsClient.createSocket(HttpsClient.java:405)

        at sun.net.NetworkClient.doConnect(NetworkClient.java:162)

        at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)

        at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)

        at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)

        at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)

        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)

        at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1105)

        at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:999)

        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)

        at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)

        at com.thelevel.lrs.gateway.LRSWrapper.processRequest(LRSWrapper.java:466)

        at com.thelevel.lrs.gateway.LRSWrapper.processRequest(LRSWrapper.java:394)

        at com.thelevel.lrs.gateway.LRSWrapper.getAPIs(LRSWrapper.java:101)

        at com.thelevel.lrs.gateway.APIListXS.getXML(APIListXS.java:161)

        at com.thelevel.cms.xmlsources.AbstractXMLSource.getXML(AbstractXMLSource.java:172)

        at com.thelevel.cms.site.PageRule.handleRequest(PageRule.java:237)

        at com.thelevel.cms.site.CMSSiteHandler.handleRequest(CMSSiteHandler.java:488)

        at com.thelevel.cms.admin.EditingUtils.makeInternalRequest(EditingUtils.java:133)

        at com.thelevel.cms.admin.EditingUtils.makeInternalRequest(EditingUtils.java:115)

        at com.thelevel.cms.xmlsources.SaveInternalRequest.getXML(SaveInternalRequest.java:72)

        at com.thelevel.cms.xmlsources.AbstractXMLSource.getXML(AbstractXMLSource.java:172)

        at com.thelevel.cms.site.PageRule.handleRequest(PageRule.java:237)

        at com.thelevel.cms.site.CMSSiteHandler.handleRequest(CMSSiteHandler.java:488)

        at com.thelevel.cms.scheduler.ScheduleJob.execute(ScheduleJob.java:56)

        at org.quartz.core.JobRunShell.run(JobRunShell.java:202)

        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:525)

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

        at java.security.Provider$Service.newInstance(Provider.java:1617)

        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)

        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)

        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)

        at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)

        at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:122)

        at javax.net.ssl.HttpsURLConnection.getDefaultSSLSocketFactory(HttpsURLConnection.java:332)

        at javax.net.ssl.HttpsURLConnection.<init>(HttpsURLConnection.java:289)

        at sun.net.www.protocol.https.HttpsURLConnectionImpl.<init>(HttpsURLConnectionImpl.java:85)

        at sun.net.www.protocol.https.Handler.openConnection(Handler.java:62)

        at sun.net.www.protocol.https.Handler.openConnection(Handler.java:57)

        at java.net.URL.openConnection(URL.java:979)

        at com.thelevel.lrs.gateway.LRSWrapper.processRequest(LRSWrapper.java:412)

        at com.thelevel.lrs.gateway.LRSWrapper.checkOTK(LRSWrapper.java:137)

        at com.thelevel.lrs.gateway.LRSGatewayPlugin.checkOTK(LRSGatewayPlugin.java:521)

        at com.thelevel.lrs.gateway.LRSGatewayPlugin.start(LRSGatewayPlugin.java:170)

        at com.thelevel.cms.plugins.PluginManager.startPlugins(PluginManager.java:378)

        at com.thelevel.cms.plugins.PluginManager.init(PluginManager.java:87)

        at com.thelevel.cms.CMSBootstrapper.composeApplication(CMSBootstrapper.java:453)

        at com.thelevel.cms.CMSBootstrapper.contextInitialized(CMSBootstrapper.java:280)

        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4210)

        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4709)

        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)

        at org.apache.catalina.core.StandardHost.start(StandardHost.java:822)

        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)

        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)

        at org.apache.catalina.core.StandardService.start(StandardService.java:525)

        at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)

        at org.apache.catalina.startup.Catalina.start(Catalina.java:595)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:497)

        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)

        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

Caused by: java.security.UnrecoverableKeyException: Get Key failed: null

        at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:410)

        at java.security.KeyStore.getKey(KeyStore.java:1023)

        at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:133)

        at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)

        at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)

        at sun.security.ssl.SSLContextImpl$DefaultSSLContext.getDefaultKeyManager(SSLContextImpl.java:874)

        at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:732)

        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)

        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)

        at java.lang.reflect.Constructor.newInstance(Constructor.java:422)

        at java.security.Provider$Service.newInstance(Provider.java:1595)

        ... 34 more

Caused by: java.lang.NullPointerException

        at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:351)

        ... 45 more

I tried to follow your instructions but it add errors to the HTTPD configuration.

I don't have other clues about what is happening.

Best regards,

Clotilde

login http://<host>/admin should not require SSL.

can you try http://<host>:37080/admin ? if it's working then configuration of httpd has problem.