Oracle API Gateway Signature Verification Filter Used To Process Large Messages From An SSL Listener Works Incorrectly. (Doc ID 2252087.1)

Last updated on APRIL 10, 2017

Applies to:

Oracle API Gateway - Version 11.1.2 and later
Information in this document applies to any platform.

Symptoms

When using a Signature Verification filter to process large messages from an SSL listener, problems occur.
The message is recorded as OK in the Gateway console, but in the client (SoapUI in testing) the error "Socket is closed" occurs and there is no response body.

In addition the following is observed:

If using multiple Signature Verification filters in a policy:

If the first Signature Verification filter succeeds, no failure occurs.
If the first Signature Verification filter fails, but the second succeeds, the error occurs.
When placing a "dummy" Signature Verification filter between the two, that always succeeds, the error does not occur.
When using a listener/port without SSL, the error does NOT occur in any scenario.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms