AnsweredAssumed Answered

How do I setup SSL for Gateway Management Client?

Question asked by Rob.J on Jun 20, 2018
Latest reply on Jul 18, 2018 by Rob.J

I want to use the gatewayManagementClient.sh script to manage a few things in our CA API Gateway (v9.2.0).  I have found the WS Management API page in the documentation and it provides some examples of using the ./gatewayManagementClient.sh script that makes use of the WS-Man interface (I followed the steps in Auto-Provisioning a Service to make it available).

 

But when I execute the script I get the following error:  Server TSL/SSL certificate not trusted.  This is whether I am doing this on a remote machine or the gateway machine itself. 

 

I can create a csr and a signed cert from it.  My two questions right now are:

 

1) How do I give the CA API Gateway the signed certificate so it knows to trust calls with the WS Management API?

 

2) When I use the gatewayManagementClient.sh how do I associate my signed certificate with it?

 

Is there some documentation I just haven't found that can help me through all this?

 

EDIT:  I was misunderstanding what was happening here:  The CLIENT is not trusting the cert from the server.  So the real question is, how do I add an exception or create a trusted cert store on the client machine?  In the meantime I just turned off verification of the server.

 

But now I just get a "Policy Falsified" error no matter what I send to the server (unless I take the server down...then I get connection refused, so my calls are at least getting to the server).  All I'm trying to do is make some non-invasive calls to learn how to use the client.  But even just asking it to enumerate types gives this error.  Is there some documentation or a lab or something to get you started?

Outcomes