Support Content Notification - Support Portal

CA - PROACTIVE NOTIFICATION - APIGTW - PRODUCT UPDATE - PAPIGTW-100650

Product/Component

Notification Id

2365

Last Updated

17 May 2018

Initial Publication Date

17 May 2018

Proactive Notification: Product Update

Date: May 17, 2018
To: CA API Gateway Customers
From: The CA Technologies API Gateway Product Team
Subject: General Availability Announcement for CA API Gateway 9.3.00 Cumulative Release 02 (CR02)

On behalf of CA Technologies, we appreciate your business and the opportunity to provide you with high-quality, innovative software and services. As part of our ongoing commitment to customer success, we regularly announce updated releases and maintenance for our products.

Today, we are pleased to announce the availability of CA API Gateway 9.3.00 CR02. This cumulative release corrects Gateway-specific issues discovered since version 9.3.00 was released. By installing this Cumulative Release, you ensure that your systems are current on resolved issues for version 9.3.00 of the CA API Gateway.

Important notes about this Cumulative Release:

9.3.00 CR02 must be installed on any of the following Gateway versions:
9.3.00
9.3.00 CR01

Ensure a proper snapshot or backup of the Gateway is taken prior to upgrade.

9.3.00 CR02 only updates the Gateway. It does not include a platform upgrade or the monthly patch. Those must still be applied separately.
Future cumulative releases, service packs, and full releases for version 9.3.00 will contain all the fixes contained in CR02.
This cumulative release includes an upgrade to JDK 1.8.0_172. This version of the JDK deprecates several TLS algorithms that are now considered insecure and not recommended. These algorithms are identified by “3DES_EDE_CBC”. If you need to re-enable these algorithms for compatibility with legacy systems, please follow the instructions under “Issues Resolved in Version 9.3 CR2” in the “Issues Resolved” topic of the Release Notes.

Issues Addressed: CA API Gateway

DE342952	Introduced a checkbox, Connection timeout, in the Raw TCP Routing Properties dialog to allow you to specify the connection timeout value for socket connection.
DE319759	Fixed an issue where the process controller log was displaying an error "Couldn't get HOST.cpuTemp value (Couldn't get CPU temperature)".
DE328317	Fixed an issue where ESM migration is failing with null pointer, when there is a mismatch in the policy that is mapped from source cluster policy and destination cluster policy with different assertion at one ordinal.
DE337924	Fixed a memory issue that affected Hardware Security Modules connected to the Gateway.
DE339252	Fixed an issue where migrating the "Load Previous Mappings" button results in a "an internal error occurred".
DE341493	Fixed an issue that prevented customized error response messages from being returned in a Route via MQ Native Assertion policy.
DE342088	Corrected the Query LDAP Assertion to correctly parse context variable in the base DN field.
DE342376	Fixed a security issue with the Require SSH Credentials Assertion in the Gateway.
DE343232	Fixed an issue where the UseHTTPOnlyCookies ACO parameter does not reflect in the cookie string as HttpOnly when it is set to 'yes'.
DE343361	Fixed an issue where authorization is failing when Idle Session Timeout value is not enabled or set to 0 in CA SSO.
DE347523	Updated the Gateway so that you can prevent response processing from failing if the request URL contains "unwise" characters that violate RFC 2396. For examples, special characters such as '{' and '}'.
DE351400	Corrected inconsistent RESTman behavior in Gateway cluster nodes.
DE360787	Added a new option "Omit Host header" to the Route via HTTP(S) Assertion. This setting allows you to omit including a host header for HTTP/1.0.
US491695	Upgraded JDK to 1.8.0_172.
DE361605	Removed all 3DES_EDE_CBC ciphers from the default supported cipher list by Oracle (as of JDK 1.8.0_171) for security reasons.
DE334838	Corrected an issue where Evaluate Math Expression Assertion the gateway generates Premature End of File error while calculating the processing time.
DE336259	Added options to allow empty callback value and more supported signature methods RSA-256, RSA-512 for Generate OAuth Signature Base String Assertion.
DE342946	Corrected an issue where Swagger validation fails after upgrade to 9.3.
DE363616	Corrected an issue where Policy Manager Error window is displayed when adding Validate Against NCES Requirements assertion to service policy.

You can download your copy of CA API Gateway 9.3.00 CR02 from CA API Management Support Online: https://support.ca.com/us/product-content/recommended-reading/technical-document-index/ca-api-management-solutions-and-patches.html.

CA_API_Gateway_v9.3.00_CR02.zip

You can also call CA Customer Care at +1-800-225-5224 in North America or see http://www.ca.com/phone for the local number in your country.

Should you need any assistance, our CA Services experts can help. For more information on CA Services and how you can leverage our experience, please visit www.ca.com/services.

Your success is very important to us, and we look forward to continuing our successful partnership with you.

To unsubscribe from this service, please follow the link below:
https://support.ca.com/irj/portal/hyperSubscription