CA API Developer Portal 4.1 - Duplicate entry for Gateway enrolling

Document ID : KB000008799
Last Modified Date : 14/02/2018
Show Technical Document Details

Installed the Portal 4.1 with Gateway 9.2, and reconnected a tenant gateway from the portal following the documentation. 

Now they want to re-enroll this gateway, however when they send the POST request including the enroll.json file, this is the result I get : 
HTTP/1.1 400 Bad Request 
HTTP/1.1 400 Bad Request 
com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Duplicate entry 'dev-developers-dmz-172594b6-18ba-4b0c-8d61-807db457e81d' for key 'PRIMARY' 

Post request is made using the command below: 
curl --header "Accept: application/json" --header "Content-Type: application/json" --request POST --cert ./apim-tps.crt --key ./apim-tps.key --data @enroll.json --insecure 

Portal 4.1Gateway 9.2

The error above is because there is a duplicate entry, you are trying to insert something that already exists in the database and it raises a primary key error.


The following two options had been carried out to resolve this problem.

Option 1:

Log onto your gateway using a policy manager, once logged in;

  1. Click Tasks à Global Settings à Manage Cluster-wide Properties
  2. Find and remove “portal.bundle.version” from the list
    1. NOTE: this will only be available if you have previously enrolled this Gateway against the portal.  It will NOT be there if you haven’t enrolled yet or it has previously failed enrollment.  If it is not there, you can skip.
  3. Tasks à Extensions and Add-Ons à Enroll With Portal
  4. Paste the enrollment URL into the Enrollment URL text box
  5. Click Apply 

How do you get the enrollment URL?  First off, I need to know if they have gone through the enrollment process or not.  What do you see when you log into the portal

  1. Click the menu icon
  2. Click the > icon next to Settings
  3. Click API Proxy
  4. Click “View Details” on the proxy that you want to re-enroll
  5. What do you see here?
    1. If you don’t see anything, it means that you have one or more Gateway enrolled already and you may need to reset the registration by going to this URL:  https://enroll.PSSG_HOST/enroll/<TENANT_ID>?reset=true
        1. replace <PSSG_HOST> with your actual domain
        2. replace <TENANT_ID> with your actual tenant id
        3. this url can be pasted in a web browser or curl using a GET method
        4. since this URL is mutual auth protected, you will need to load the appropriate key and cert

         b. If you see the enrollment url, then copy this value

if the above doesn't work, please try Option 2.

Option 2:


 deleting the remaining entries in the tenant_provisioning table