Layer7 API Management

  • 1.  S/MIME Message Encryption Assertion

    Posted Jun 17, 2020 04:06 PM
    Dear All,

    We uploaded the SMIME Tactical Assertion to our CA API Gateway 9.4. But while using the SMIME Message Encryption Assertion in the API to encrypt the message, we are getting an output message which is not in a readable format, and the same cannot be decrypted with SMIME Message Decryption. Attaching the response screenshot and the API used for encryption.

    If possible, request you to provide a sample policy of message encryption using the SMIME Tactical Assertions.

    ------------------------------
    Regards,
    M AnsarBaig
    ------------------------------

    Attachment: SMIMEEncryptionAPI.xml (2 KB)


  • 2.  RE: S/MIME Message Encryption Assertion

    Broadcom Employee
    Posted Jun 17, 2020 08:02 PM
    A message encrypted with a certificate can only be decrypted by its paired private key, so is the paired private key imported into the gateway? (under "Manage Private Keys")
    You can also open a support ticket to ask for the documentation of this tactical assertion.

    Regards,
    Mark


  • 3.  RE: S/MIME Message Encryption Assertion

    Posted Jun 18, 2020 09:43 AM
    Edited by AnsarBaig Mirza Jun 18, 2020 09:45 AM
    Hi Zhijun,

    Thank you for your prompt response.

    We are using the same corresponding private key for decrypting the data, but the decryption is failing. It is the CA API Gateway self-signed certificate being used for encryption and decryption for testing purposes.

    We are having some issue in logging a support case, so posted it here for help.
    Regards,
    Ansar


  • 4.  RE: S/MIME Message Encryption Assertion

    Broadcom Employee
    Posted Jun 18, 2020 07:08 PM
    Can you share the decryption error message in the ssg log?

    Regards,
    Mark


  • 5.  RE: S/MIME Message Encryption Assertion

    Posted Jun 22, 2020 09:42 AM
    Dear Zhijun,

    Below is the error message from the ssg log when the output of the SMIME Encryption Assertion is passed directly to decryption:

    2020-06-22T18:59:23.856+0530 WARNING 458 com.l7tech.server.message: Message was not processed: Assertion Falsified (600)
    2020-06-22T18:59:27.426+0530 WARNING 339 com.l7tech.external.assertions.smime.server.ServerSMimeDecryptionAssertion: No content found.
    org.bouncycastle.cms.CMSException: No content found.
    at org.bouncycastle.cms.CMSContentInfoParser.<init>(Unknown Source)
    at org.bouncycastle.cms.CMSEnvelopedDataParser.<init>(Unknown Source)
    at org.bouncycastle.mail.smime.SMIMEEnvelopedParser.<init>(Unknown Source)
    at org.bouncycastle.mail.smime.SMIMEEnvelopedParser.<init>(Unknown Source)
    at com.l7tech.external.assertions.smime.server.ServerSMimeDecryptionAssertion.doCheckRequest(Unknown Source)
    at com.l7tech.server.policy.assertion.AbstractMessageTargetableServerAssertion.checkRequest(Unknown Source)
    at com.l7tech.server.policy.assertion.composite.ServerCompositeAssertion.iterateChildren(Unknown Source)
    at com.l7tech.server.policy.assertion.composite.ServerAllAssertion.checkRequest(Unknown Source)
    at com.l7tech.server.policy.ServerPolicy.checkRequest(Unknown Source)
    at com.l7tech.server.policy.al.call(Unknown Source)
    at com.l7tech.server.policy.al.call(Unknown Source)
    at com.l7tech.common.log.HybridDiagnosticContext.doInContext(Unknown Source)
    at com.l7tech.server.policy.ServerPolicyHandle.checkRequest(Unknown Source)
    at com.l7tech.server.au.b(Unknown Source)
    at com.l7tech.server.au.a(Unknown Source)
    at com.l7tech.server.au.access$700(Unknown Source)
    at com.l7tech.server.MessageProcessor.a(Unknown Source)
    at com.l7tech.server.MessageProcessor.processMessageNoAudit(Unknown Source)
    at com.l7tech.server.SoapMessageProcessingServlet.serviceNoAudit(Unknown Source)
    at com.l7tech.server.SoapMessageProcessingServlet.access$000(Unknown Source)
    at com.l7tech.server.a7.call(Unknown Source)
    at com.l7tech.server.audit.AuditContextFactory.doWithNewAuditContext(Unknown Source)
    at com.l7tech.server.SoapMessageProcessingServlet.service(Unknown Source)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:342)
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
    at com.l7tech.server.transport.http.HttpNamespaceFilter.doFilter(Unknown Source)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at com.l7tech.server.WsdlFilter.doFilter(Unknown Source)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at com.l7tech.server.transport.http.ConnectionIdFilter.doFilter(Unknown Source)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at com.l7tech.server.transport.http.InputTimeoutFilter.doFilter(Unknown Source)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at com.l7tech.server.log.HybridDiagnosticContextServletFilter.doFilter(Unknown Source)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:234)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:181)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at com.l7tech.server.tomcat.ResponseKillerValve.invoke(Unknown Source)
    at com.l7tech.server.tomcat.ConnectionIdValve.invoke(Unknown Source)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:295)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:610)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:410)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:748)
    2020-06-22T18:59:27.428+0530 INFO 339 com.l7tech.server.audit.MessageSummaryAuditFactory: Content-Type of response ("application/pkcs7- mime; smime-type=enveloped-data; name="smime.p7m"") is unknown or not text; using ISO-8859-1 to save response text

    When I tried to place the encrypted output data in a Set Context Variable with content type (application/pkcs7-mime;), I got the below error response:

    2020-06-22T18:58:35.604+0530 SEVERE 529 com.l7tech.server.SoapMessageProcessingServlet: Java heap space
    java.lang.OutOfMemoryError: Java heap space
    2020-06-22T18:58:35.614+0530 WARNING 529 com.l7tech.server.audit.MessageSummaryAuditFactory: Unable to get request XML: Stream closed
    2020-06-22T18:58:35.615+0530 INFO 529 com.l7tech.server.audit.MessageSummaryAuditFactory: Content-Type of response ("application/pkcs7- mime; smime-type=enveloped-data; name="smime.p7m"") is unknown or not text; using ISO-8859-1 to save response text
    2020-06-22T18:58:35.615+0530 INFO 529 com.l7tech.server.message: Processing request for service: BI [/testbiapi]

    Please let me know if any further information is required.

    Thanks & Regards,
    M Ansar


  • 6.  RE: S/MIME Message Encryption Assertion
    Best Answer

    Broadcom Employee
    Posted Jun 22, 2020 06:59 PM
    Dear M Ansar,
    The error indicates that the gateway didn't recognise the content-type of the message.
    I find that there is a space between "-" and "mime" in "application/pkcs7- mime"; please correct the content-type and try again.

    By default the gateway only supports a few well-known content-types. After correcting the content-type, if you still get the same error, you can add the content-type to the cluster-wide property contentType.otherTextualTypes:
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/reference/gateway-cluster-properties/miscellaneous-cluster-properties.html


    Regards,
    Mark
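The two failures in this thread are separable: a Content-Type value whose subtype contains a space ("pkcs7- mime") is not a valid RFC 2045 token, and a body that is not a DER CMS ContentInfo is what BouncyCastle reports as "No content found". The following is an added example, not code from the thread or from the Layer7 gateway, that checks both conditions before a message reaches a decryption step. The RFC 2045 token rule and the id-envelopedData OID (RFC 5652) are real; the two sample inputs are constructed here and the DER sample carries only a placeholder payload.

```python
import re

# RFC 2045 "token": any CHAR except SPACE, CTLs and tspecials.
TSPECIALS = '()<>@,;:\\"/[]?='
TOKEN_RE = re.compile(r'^[^\x00-\x20\x7f' + re.escape(TSPECIALS) + r']+$')
# name=value or name="quoted value", separated by ';'
PARAM_RE = re.compile(r'\s*([^=;\s]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^;]*?))\s*(?:;|$)')

# id-envelopedData (RFC 5652); the outer ContentInfo of an S/MIME enveloped message carries it.
CMS_ENVELOPED_DATA_OID = '1.2.840.113549.1.7.3'

# Constructed sample: a minimal DER ContentInfo whose contentType is id-envelopedData.
# The [0] EXPLICIT content is a placeholder integer, not a real EnvelopedData structure.
SAMPLE_CONTENT_INFO = bytes.fromhex('3010' '06092a864886f70d010703' 'a003020100')
# Constructed sample: base64 text, i.e. a body that was never decoded to DER.
SAMPLE_NOT_DER = b'MIAGCSqGSIb3DQEHA6CAMIACAQAxggE='


def parse_content_type(header):
    """Split a Content-Type value into type, subtype and parameters, listing token violations.

    An empty 'problems' list means a strict parser (such as the gateway's) should accept it.
    """
    media, _, rest = header.partition(';')
    media = media.strip()
    if media.count('/') != 1:
        return {'type': None, 'subtype': None, 'params': {},
                'problems': [f'{media!r} is not of the form type/subtype']}
    type_, subtype = media.split('/')
    problems = [f'{label} {value!r} is not an RFC 2045 token'
                for label, value in (('type', type_), ('subtype', subtype))
                if not TOKEN_RE.match(value)]
    params = {}
    for m in PARAM_RE.finditer(rest):
        name, quoted, bare = m.groups()
        params[name.lower()] = quoted if quoted is not None else bare
    return {'type': type_.lower(), 'subtype': subtype.lower(),
            'params': params, 'problems': problems}


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; returns (tag, value bytes, next position)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7f
        length = int.from_bytes(buf[pos:pos + n], 'big')
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(body):
    """Decode DER OBJECT IDENTIFIER contents into dotted form."""
    arcs = [body[0] // 40, body[0] % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7f)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return '.'.join(map(str, arcs))


def cms_content_type(der):
    """Return the contentType OID of the outermost CMS ContentInfo, or None when the
    bytes are not a DER SEQUENCE beginning with an OID (still base64, truncated, etc.)."""
    try:
        tag, seq, _ = _read_tlv(der, 0)
        if tag != 0x30:
            return None
        tag, oid_body, _ = _read_tlv(seq, 0)
        if tag != 0x06 or not oid_body:
            return None
        return _decode_oid(oid_body)
    except (IndexError, ValueError):
        return None


if __name__ == '__main__':
    for hdr in ('application/pkcs7- mime; smime-type=enveloped-data; name="smime.p7m"',
                'application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"'):
        info = parse_content_type(hdr)
        print(hdr, '->', info['problems'] or 'OK', info['params'])
    print(cms_content_type(SAMPLE_CONTENT_INFO))   # 1.2.840.113549.1.7.3
    print(cms_content_type(SAMPLE_NOT_DER))        # None
```

Run against the header from the log above, the first check reports the subtype 'pkcs7- mime' as an invalid token, which is the fix Mark identified; the same header with the space removed passes and yields the smime-type and name parameters. The DER check only inspects the outer ContentInfo, so a body that passes it can still fail decryption for key-related reasons (the wrong or missing paired private key, as discussed earlier in the thread).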



  • 7.  RE: S/MIME Message Encryption Assertion

    Posted Jun 24, 2020 07:03 AM
    Dear Zhijun,

    After adding the cluster-wide property it worked.

    Thank you so much for your help.

    Regards,
    Ansar