ssl 在WSO2 API Manager 4.1.0 GA版本中更改主机名后无法创建API

jgwigjjp  于 2023-02-23  发布在  其他
关注(0)|答案(1)|浏览(212)

我曾尝试在WSo 2 API Manager 4.1.0 GA版本中更改主机名。
以下是Windows OS 11中遵循的步骤:

  • 更新了<API-M_HOME>/repository/conf/deployment.toml中的主机名

  • 生成一个新的密钥库,从密钥库导出公共证书,并将自签名证书导入到客户端-truststore.jks文件也完成了。
  • 主机名条目在/etc/hosts中完成,值如下127.0.0.1 localhost dev.wso2.com所示
  • 按照here的规定对Carbon控制台进行一些更改后,我可以使用名为dev.wso2.com的主机访问publisher, devportal, admin and carbon门户

  • 控制台URL中的证书详细信息如下所示

  • 重新启动服务器时,wso2carbon.log中出现以下错误,即使可以使用主机名访问控制台URL。

ERROR - DBRetriever Error while executing the http client javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
完整日志:

[2023-02-20 13:04:48,707]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 4 seconds...
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : tokenRevocation of type topic for listener Siddhi-JMS-Consumer#tokenRevocation
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : keyManager of type topic for listener Siddhi-JMS-Consumer#keyManager
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : notification of type topic for listener Siddhi-JMS-Consumer#notification
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : cacheInvalidation of type topic for listener Siddhi-JMS-Consumer#cacheInvalidation
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : asyncWebhooksData of type topic for listener Siddhi-JMS-Consumer#asyncWebhooksData
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : throttleData of type topic for listener Siddhi-JMS-Consumer#throttleData
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : notification of type topic for listener Siddhi-JMS-Consumer#notification
[2023-02-20 13:04:48,758]  INFO - JMSListener Started to listen on destination : throttleData of type topic for listener Siddhi-JMS-Consumer#throttleData
[2023-02-20 13:04:52,717]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 8 seconds...
[2023-02-20 13:05:00,746]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 16 seconds...
[2023-02-20 13:05:01,746]  WARN - APILoggerManager Failed retrieving /api-logging-configs from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,746]  WARN - SubscriptionDataLoaderImpl Failed retrieving /api-policies from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,766]  WARN - SubscriptionDataLoaderImpl Failed retrieving /apis?gatewayLabel=Default from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,766]  WARN - SubscriptionDataLoaderImpl Failed retrieving /application-policies from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,767]  WARN - SubscriptionDataStore Failed retrieving webhooks subscription data from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds...
[2023-02-20 13:05:01,767] ERROR - DBRetriever Error while executing the http client
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest_aroundBody6(APIUtil.java:655) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest(APIUtil.java:648) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService_aroundBody10(DBRetriever.java:215) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService(DBRetriever.java:196) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:128) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts(DBRetriever.java:121) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup_aroundBody4(InMemoryAPIDeployer.java:172) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup(InMemoryAPIDeployer.java:156) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup_aroundBody2(GatewayStartupListener.java:134) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup(GatewayStartupListener.java:120) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway_aroundBody18(GatewayStartupListener.java:281) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0_aroundBody30(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run_aroundBody0(GatewayStartupListener.java:386) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run(GatewayStartupListener.java:383) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_291]
[2023-02-20 13:05:01,767]  WARN - SubscriptionDataLoaderImpl Failed retrieving /application-key-mappings from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,769] ERROR - InMemoryAPIDeployer Error deploying APIs to the Gateway
org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.exception.ArtifactSynchronizerException: Error while executing the http client
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:141) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts(DBRetriever.java:121) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup_aroundBody4(InMemoryAPIDeployer.java:172) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup(InMemoryAPIDeployer.java:156) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup_aroundBody2(GatewayStartupListener.java:134) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup(GatewayStartupListener.java:120) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway_aroundBody18(GatewayStartupListener.java:281) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0_aroundBody30(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run_aroundBody0(GatewayStartupListener.java:386) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run(GatewayStartupListener.java:383) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_291]
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient_4.5.13.wso2v1.jar:?]
        at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest_aroundBody6(APIUtil.java:655) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest(APIUtil.java:648) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService_aroundBody10(DBRetriever.java:215) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService(DBRetriever.java:196) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
        at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:128) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]

而且我无法在publisher中创建API,无法在product中发布此主机名更改。

在发布者中创建API时注意到以下日志

[2023-02-20 17:48:36,467]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 2 seconds...
[2023-02-20 17:48:38,485]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 4 seconds...
[2023-02-20 17:48:42,499]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 8 seconds...
[2023-02-20 17:48:50,512]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 16 seconds...
[2023-02-20 17:49:06,526]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 32 seconds...
[2023-02-20 17:49:38,536]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 64 seconds...
[2023-02-20 17:50:42,544]  WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 128 seconds...

deployment.toml:

[server]
#hostname = "localhost"
hostname = "dev.wso2.com"
#offset=0
base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
#discard_empty_caches = false
server_role = "default"

[super_admin]
username = "admin"
password = "admin"
create_admin_account = true

[user_store]
type = "database_unique_id"

[database.apim_db]
type = "h2"
url = "jdbc:h2:./repository/database/WSO2AM_DB;AUTO_SERVER=TRUE;DB_CLOSE_ON_EXIT=FALSE"
username = "wso2carbon"
password = "wso2carbon"

[database.shared_db]
type = "h2"
url = "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE"
username = "wso2carbon"
password = "wso2carbon"

#[keystore.tls]
#file_name =  "wso2carbon.jks"
#type =  "JKS"
#password =  "wso2carbon"
#alias =  "wso2carbon"
#key_password =  "wso2carbon"

[keystore.tls]
file_name =  "devwso2.jks"
type =  "JKS"
password =  "wso2carbon"
alias =  "dev.wso2.com"
key_password =  "wso2carbon"

#[keystore.listener_profile]
#bind_address = "0.0.0.0"

#[keystore.primary]
#file_name =  "wso2carbon.jks"
#type =  "JKS"
#password =  "wso2carbon"
#alias =  "wso2carbon"
#key_password =  "wso2carbon"

#[keystore.internal]
#file_name =  "wso2carbon.jks"
#type =  "JKS"
#password =  "wso2carbon"
#alias =  "wso2carbon"
#key_password =  "wso2carbon"

[[apim.gateway.environment]]
name = "Default"
type = "hybrid"
provider = "wso2"
display_in_api_console = true
description = "This is a hybrid gateway that handles both production and sandbox token traffic."
show_as_token_endpoint_url = true
service_url = "https://dev.wso2.com:${mgt.transport.https.port}/services/"
username= "${admin.username}"
password= "${admin.password}"
ws_endpoint = "ws://dev.wso2.com:9099"
wss_endpoint = "wss://dev.wso2.com:8099"
http_endpoint = "http://dev.wso2.com:${http.nio.port}"
https_endpoint = "https://dev.wso2.com:${https.nio.port}"
websub_event_receiver_http_endpoint = "http://dev.wso2.com:9021"
websub_event_receiver_https_endpoint = "https://dev.wso2.com:8021"

[apim.sync_runtime_artifacts.gateway]
gateway_labels =["Default"]

[oauth.token_validation]
app_access_token_validity = -1
user_access_token_validity = -1
refresh_token_validity = -1

#[apim.cache.gateway_token]
#enable = true
#expiry_time = "900s"

#[apim.cache.resource]
#enable = true
#expiry_time = "900s"

#[apim.cache.km_token]
#enable = false
#expiry_time = "15m"

#[apim.cache.recent_apis]
#enable = false

#[apim.cache.scopes]
#enable = true

#[apim.cache.publisher_roles]
#enable = true

#[apim.cache.jwt_claim]
#enable = true
#expiry_time = "15m"

#[apim.cache.tags]
#expiry_time = "2m"

#[apim.analytics]
#enable = false
#auth_token = ""

[apim.analytics]
enable = true
config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1"
auth_token = "637e2cbb-64eb-4f1c-b48b-cd7bddf74b38"

#[apim.key_manager]
#service_url = "https://localhost:${mgt.transport.https.port}/services/"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
#pool.init_idle_capacity = 50
#pool.max_idle = 100
#key_validation_handler_type = "default"
#key_validation_handler_type = "custom"
#key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"



[apim.key_manager]
enable_apikey_subscription_validation = true
#service_url = "https://localhost:${mgt.transport.https.port}/services/"
service_url = "https://dev.wso2.com:${mgt.transport.https.port}/services/"
username = "$ref{super_admin.username}"
password = "$ref{super_admin.password}"

#[apim.idp]
#server_url = "https://localhost:${mgt.transport.https.port}"
#authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
#oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
#oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"

#[apim.jwt]
#enable = true
#encoding = "base64" # base64,base64url
#generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
#claim_dialect = "http://wso2.org/claims"
#convert_dialect = false
#header = "X-JWT-Assertion"
#signing_algorithm = "SHA256withRSA"
#enable_user_claims = true
#claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"

#[apim.oauth_config]
#enable_outbound_auth_header = false
#auth_header = "Authorization"
#revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
#enable_token_encryption = false
#enable_token_hashing = false

#[apim.devportal]
#url = "https://localhost:${mgt.transport.https.port}/devportal"
[apim.devportal]
url = "https://dev.wso2.com:${mgt.transport.https.port}/devportal"
#enable_application_sharing = false
#if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
#application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
#application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
#display_multiple_versions = false
#display_deprecated_apis = false
#enable_comments = true
#enable_ratings = true
#enable_forum = true
#enable_anonymous_mode=true
#enable_cross_tenant_subscriptions = true
#default_reserved_username = "apim_reserved_user"

[apim.cors]
allow_origins = "*"
allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
allow_credentials = false

#[apim.throttling]
#enable_data_publishing = true
#enable_policy_deploy = true
#enable_blacklist_condition = true
#enable_persistence = true
#throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"]

#[apim.throttling.blacklist_condition]
#start_delay = "5m"
#period = "1h"

#[apim.throttling.jms]
#start_delay = "5m"

#[apim.throttling.event_sync]
#hostName = "0.0.0.0"
#port = 11224

#[apim.throttling.event_management]
#hostName = "0.0.0.0"
#port = 10005

#[[apim.throttling.url_group]]
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
#type = "loadbalance"

#[[apim.throttling.url_group]]
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
#type = "failover"

[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://dev.wso2.com:9611","tcp://dev.wso2.com:9611"]
traffic_manager_auth_urls = ["ssl://dev.wso2.com:9711","ssl://dev.wso2.com:9711"]
type = "loadbalance"

[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://dev.wso2.com:9611","tcp://dev.wso2.com:9611"]
traffic_manager_auth_urls = ["ssl://dev.wso2.com:9711","ssl://dev.wso2.com:9711"]
type = "failover"

#[apim.workflow]
#enable = false
#service_url = "https://localhost:9445/bpmn"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
#callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
#token_endpoint = "https://localhost:${https.nio.port}/token"
#client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
#client_registration_username = "$ref{super_admin.username}"
#client_registration_password = "$ref{super_admin.password}"

#data bridge config
#[transport.receiver]
#type = "binary"
#worker_threads = 10
#session_timeout = "30m"
#keystore.file_name = "$ref{keystore.tls.file_name}"
#keystore.password = "$ref{keystore.tls.password}"
#tcp_port = 9611
#ssl_port = 9711
#ssl_receiver_thread_pool_size = 100
#tcp_receiver_thread_pool_size = 100
#ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
#ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]

#[apim.notification]
#from_address = "APIM.com"
#username = "APIM"
#password = "APIM+123"
#hostname = "localhost"
#port = 3025
#enable_start_tls = false
#enable_authentication = true

#[apim.token.revocation]
#notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
#enable_realtime_notifier = true
#realtime_notifier.ttl = 5000
#enable_persistent_notifier = true
#persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
#persistent_notifier.ttl = 5000
#persistent_notifier.username = "root"
#persistent_notifier.password = "root"

[[event_handler]]
name="userPostSelfRegistration"
subscriptions=["POST_ADD_USER"]

[service_provider]
sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"

[database.local]
url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"

[[event_listener]]
id = "token_revocation"
type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
name = "org.wso2.is.notification.ApimOauthEventInterceptor"
order = 1
[event_listener.properties]
notification_endpoint = "https://dev.wso2.com:${mgt.transport.https.port}/internal/data/v1/notify"
username = "${admin.username}"
password = "${admin.password}"
'header.X-WSO2-KEY-MANAGER' = "default"

[oauth.grant_type.token_exchange]
enable = true
allow_refresh_tokens = true
iat_validity_period = "1h"

[apim.sdk]
supported_languages = ["android", "java", "csharp", "dart", "groovy", "javascript", "jmeter", "perl", "php", "python", "ruby", "swift5", "clojure"]

如何解决SSLPeerUnverifiedException ERROR问题?为什么我无法在Publisher中创建API?

jk9hmnmh

jk9hmnmh1#

由于您已生成新证书,但它不包含localhost作为备用DNS,因此会遇到此问题。要解决此问题,您可以将localhost值替换为dev.wso2.com。
您可以将以下配置添加到deployment.toml并重新启动服务器。

[apim.throttling] 
service_url = "https://dev.wso2.com:9443/services/"

相关问题