4.2 Issues with Accessing APIs

4.2.1 Creating an OAuth Client Fails

Issue: The Store fails to create an OAuth client during the subscription process to an API.

Solution: Ensure that your OAuth configuration is complete in Access Manager. If you do not perform all four steps required to enable and configure OAuth in Access Manager, Secure API Manager cannot complete the subscription process for the APIs.

4.2.2 SSL Errors Authorizing APIs if Access Manager Has Been Upgraded to 5.0

Issue: If you upgrade Access Manager to the 5.0 version, by default Access Manager creates new certificates but the calls to the different components are still using the old certificates.

Solution: Replace the certificate for the Administration Console with a current certificate that contains the proper DNS name in the certificate.

4.2.3 Cannot Access APIs with a Domain Name as Part of the URI

Issue: APIs that use the URI to direct traffic, for example behind an L7 switch, are not supported.

Solution: Allow the API to be resolved to an IP address and then the functionality provided in the API works.

4.2.4 API Returns a 404 Error to the Backend Service with Validate SSL Certificate Option Enabled

Issue: When you create an API, you add the certificate for the backend service’s server in PEM format. Secure API Manager validates the SSL certificate chain for you when you save the API and it returns a 404 error. The issue is that the backend service server is not using a well-known certificate authority and that the Trusted Root is not configured properly.

Solutions: If the backend service server is using a well-known certificate authority, you do not have to configure a Trusted Root for the API. If the certificate authority for the backend service is not well known, you must configure a Trusted Root for the backend service in the API. Secure API Manager requires that the Trusted Root be configured in one of three specific ways. If the Trusted Root is not configured properly, the Validate SSL Chain option returns a 404 error. For details about the specific ways to configure the Trusted Root, see Define the Backend Service in the NetIQ Secure API Manager 2.2 API Help.