CA API Gateway: OAuth client is exporting the wrong certificate

Document ID : KB000097993
Last Modified Date : 24/05/2018
Show Technical Document Details
Issue:
When exporting a client from the OAuth manager it is observed that the server_certs value does not match what is expected.

I.e. Export the certificate from the Gateway
1. Tasks -> Certificates, Keys and secrets -> Manage Certificates
2. Highlight your desired certificate and choose properties
3. Click export
4. Open the resulting file in a text editor and compare the value to what is shown from OAuth Manager

 
Resolution:
This certificate is set by the value of the variable "oauth2_server_certificate".
This value is set within the "OTK Variable Configuration policy" (#OTK Variable Configuration for OTK 4.x and up).

If this value is not specified it will default to ${gateway.cluster.hostname}. However, if you override this value it will pull the certificate specified by the variable.
You will need to ensure the value matches the correct certificate name as specified in the manager certificates dialog.