启动WSO2 Identity Server 5.7.0时,我在控制台输出中得到以下信息:
INFO {org.wso2.carbon.crypto.provider.internal.DefaultCryptoProviderComponent} - 'CryptoService.Secret' property has not been set. 'org.wso2.carbon.crypto.provider.SymmetricKeyInternalCryptoProvider' won't be registered as an internal crypto provider. Please set the secret if the provider needs to be registered.
这是我在/repository/conf/carbon.xml中使用的配置:
<!--
Configurations related to Carbon Crypto Service which is a crypto framework used inside Carbon products.
-->
<CryptoService>
<Enabled>true</Enabled>
<!-- The crypto provider which is used for internal data encryption and decryption -->
<InternalCryptoProviderClassName>org.wso2.carbon.crypto.provider.KeyStoreBasedInternalCryptoProvider</InternalCryptoProviderClassName>
<!--
The crypto provider which is used for the crypto needs which come when communicating with external parties.
e.g. Signing, Decrypting.
-->
<ExternalCryptoProviderClassName>org.wso2.carbon.core.encryption.KeyStoreBasedExternalCryptoProvider</ExternalCryptoProviderClassName>
<!--
The list of key resolvers which will be used based on the context when handling crypto with external parties.
e.g. Resolving the public key of an external entity.
-->
<KeyResolvers>
<KeyResolver className="org.wso2.carbon.crypto.defaultProvider.resolver.ContextIndependentKeyResolver" priority="-1"/>
</KeyResolvers>
</CryptoService>
<!--
The KeyStore which is used for encrypting/decrypting internal data.
This block is read by Carbon Crypto Service.
-->
<InternalKeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/internal.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<!-- <Password svns:secretAlias="Carbon.Security.KeyStore.Password">password</Password> -->
<Password>wso2carbon</Password>
<Secret>wso2carbon</Secret>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>wso2carbon</KeyPassword>
</InternalKeyStore>
如何解决此问题?
答案 0 :(得分:1)
使用了deployment.toml文件的WSO2 API Manager 3.0.0+或EI6.6.0 +:
export const createCollection = functions.auth.user().onCreate(async user => {
try {
const addLanguages = await addFirst();
const addSecondCollection = await addSecond();
async function addFirst() {
const userRef = admin.firestore().doc(`languages/${user.uid}`);
await userRef.set(
{
language: null
},
{ merge: true }
);
return 'done';
}
async function addSecond() {
// ...
}
return await Promise.all([addLanguages, addSecondCollection]);
} catch (error) {
throw new functions.https.HttpsError('unknown', error);
}
});
这将在启动时将适当的配置添加到carbon.xml。
有关新配置如何工作的更多信息:deployment.toml configuration options
对于较旧的版本,在carbon.xml中应用配置。.将标签Secret添加到CryptoService标签:
[encryption]
key = "CryptoService.Secret"
答案 1 :(得分:0)
您可以添加一个带有值的元素。此值将用作SymmetricKey
<CryptoService>
...
<Secret>SECRET_KEY</Secret>
</CryptoService>