I am looking to "migrateIn" a policy and was able to successfully at one time. When I instantiated a new instance of API Gateway I could no longer import the policy. The messages I receive during migrateIn are:
Warning: TLS hostname verification has been disabled Running...... Execution failed. Reason: Migrate in failed: Bad Request Resource validation failed due to 'INVALID_VALUES' The user encrypted password in not valid. Message: Unable to decrypt password: bad mac value
When I use the old password and encryptionPassphrase from the previous server the policy imports (currently those 2 server instances match). Why is
GatewayMigrationUtility.sh encodePassword --password some_password --hideProgress
failing to generate an understandable encryption...or why is the new API Gateway instance unable to decrypt it?
How do I correct it?
I am using API Gateway 9.1 and GatewayMigrationUtility 1.3.00. I think it might be possible I used GatewayMigrationUtility 1.2.00 to generate the original/functional password and encryptionPassphrase, but doesn't seem to help if I use the old version.