Layer7 API Management

 View Only
  • 1.  HTTPS route error

    Posted Aug 23, 2017 05:59 AM

    Hi guys I am working on Layer7 8.3 Policy Manager.

    I am trying to route to HTTPS URL via Route assertion. I am getting below error.

     

    2017-08-23T12:26:07.313-0500 WARNING 698 com.l7tech.server.policy.assertion.ServerHttpRoutingAssertion:

    4042: Problem routing to https://layer7.gateway.com/a/b/c/d

    Error msg: Unable to obtain HTTP response from https://layer7.gateway.com/a/b/c/d

    Connection to https://layer7.gateway.com refused. Caused by: Connection refused

     

    What is the issue & how to solve it?

     

    Actually i have two services in Policy Manager Service1 & Service2

    I am trying to call Service1 from Service2 via HTTP Route Assertion

    Charles_Lilienkamp zhijun.zhang wauch01

    Thanks



  • 2.  Re: HTTPS route error

    Broadcom Employee
    Posted Aug 23, 2017 09:28 AM

    This is usually a result of routing to an invalid port. If you don't specify a port number for an https route it defaults to port 443, and for http it defaults to port 80. If your endpoint is not listening on these ports, then you'll receive the "Connection refused" error you're seeing.

     

    Verify the port number that the backend is listening to, and specify that in the routing assertion and re-test.

     

    Regards,

    Azad



  • 3.  Re: HTTPS route error

    Posted Aug 23, 2017 03:40 PM

    Hi ellaz01 thanks for the answer.  Kindly let me know if I understood your answer,

    My scenario:

    Service 1(/ser1/*) - When I make a call to https://layer7.gateway.com/ser1/abc it will use HTTP Route assertion & calls http://backend.com:9858/something/ & gives me response.

     

    Service 2(/ser2/*) - I have a HTTP Route Assertion to call Service 1 - https://layer7.gateway.com/ser1/abc when hit Service 2 - https://layer7.gateway.com/ser2/test I am getting the above mentioned error.

     

    So according to your answer should I change my HTTP Route Assertion in Service 2 to call https://layer7.gateway.com:9858/ser1/abc added port number of backend from Service 1.

     

    Thanks



  • 4.  Re: HTTPS route error
    Best Answer

    Broadcom Employee
    Posted Aug 23, 2017 04:05 PM

    siddharth-b,

     

    If your routing assertion in Service2 is routing to another service on the API Gateway, then you will want to use one of the API Gateway listen ports. Since the API Gateway is routing to the API Gateway, it needs to be a valid listen port on the API Gateway. Since it's https in your example, the default listen ports for https on the API Gateways are 8443 and 9443. Your routing assertion should look like this:
    https://layer7.gateway.com:9443/ser1/abc

     

    If you have changed the default https listen ports on the API Gateway, then you will want to replace the 9443 port accordingly. If you are using http instead of https, then port 8080 is the default.

     

    Regards,

    Azad



  • 5.  Re: HTTPS route error

    Posted May 03, 2018 04:10 AM

    Hi Azad,

     

    We are facing same connection refused issue even after including port 8443/9443 while invoking service from another service in same gateway.

     

    Kindly let me know how it to procced now.

     

    Regards,

    Suneel



  • 6.  Re: HTTPS route error

    Broadcom Employee
    Posted May 03, 2018 10:10 PM

    Dear Suneel,

    Are you using localhost or fqdn of the gateway? if using fqdn, check if the current gateway can resolve it, just simply ping it.

    if ping is not good, you may add the fqdn in /etc/hosts

    if ping is good, then check the port properties on "Manage Listen Ports", ensure the 1st option "Published service message input" is checked( if you're calling the build-in service, you need the 2nd option checked as well)

     

    Regards,

    Mark



  • 7.  Re: HTTPS route error

    Posted May 04, 2018 04:37 PM

    Hi Mark,

     

    We are using fqdn name of the gateway.

    As suggested by CA team, we have moved second API call to policy fragment even though facing same issue.

    We have checked "Published service message input" in "Manage Listen Port" under port 8443.

    When tested ping and no issues observed.

    And we are observing connection refused error frequently and after retries getting connected. 

     

    Regards,

    Suneel

     



  • 8.  Re: HTTPS route error

    Broadcom Employee
    Posted May 06, 2018 07:16 PM

    Can you run the curl command with -v flag?

    curl -kv https://<fqdn>:8443/<api uri>

     

    please show the screen output.

     

    When connection refused, do you see any error message in ssg log? (/opt/SecureSpan/Gateway/node/default/var/logs/ssg_0_0.log)

    In another word, do you have Rate limit assertion or Apply quota assertion in your policy ?