我在WSO2 ESB中公开了Identity Server UserProfileMgtService adminService。问题是,当我使用tryIt功能测试服务时,我会收到SSL异常。当我通过SOAP UI在ESB中调用服务时,也会发生这种情况。
这是一个例外:
[2012-09-14 16:32:21,003] ERROR - ClientHandler I/O error : Host name verification failed for host : localhost For : 127.0.0.1:9447 For Request : Axis2Request [Message ID : urn:uuid:d3797d1e-f21d-4b6a-aec9-075e95e982e6] [Status Completed : false] [Status SendingCompleted : true]
javax.net.ssl.SSLException: Host name verification failed for host : localhost
at org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender$1.verify(HttpCoreNIOSSLSender.java:310)
at org.apache.http.impl.nio.reactor.SSLIOSessionHandlerAdaptor.verify(SSLIOSessionHandlerAdaptor.java:52)
at org.apache.http.impl.nio.reactor.SSLIOSession.doHandshake(SSLIOSession.java:186)
at org.apache.http.impl.nio.reactor.SSLIOSession.outboundTransport(SSLIOSession.java:292)
at org.apache.http.impl.nio.SSLClientIOEventDispatch.outputReady(SSLClientIOEventDispatch.java:249)
at org.apache.http.impl.nio.reactor.BaseIOReactor.writable(BaseIOReactor.java:179)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:344)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:318)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:104)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:542)
at java.lang.Thread.run(Thread.java:662)
[2012-09-14 16:32:21,005] WARN - EndpointContext Endpoint : endpoint_b058e35b0fa1f0f58569defe4fb9d4838eadea9b6abd4d36 will be marked SUSPENDED as it failed
[2012-09-14 16:32:21,006] WARN - EndpointContext Suspending endpoint : endpoint_b058e35b0fa1f0f58569defe4fb9d4838eadea9b6abd4d36 - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Fri Sep 14 16:32:51 EEST 2012
我使用自签名证书,但我相应地修改了wso2carbon.jks和client-truststore.jks,因此他们拥有CN localhost的证书以及具有不同CN的自签名证书。我使用localhost作为IS端点。什么可以导致这个例外?是否有更简单的方法在ESB中映射IS管理服务。
澄清
所有服务器都有CN:ip-xx-xx-xxx-xx.xx.something.com的自签名证书。
My Identity Server在localhost:9447 /上运行,我想通过ESB运行的服务是localhost:9447 / services / UserProfileMgtService?wsdl。
ESB位于localhost:9447 /
我已在axis2.xml中定义的HTTPS传输发送方配置中将set参数设置为AllowAll,并且我还将HideAdminServiceWSDL设置为false。
我可以通过浏览器访问localhost:9447 / services / UserProfileMgtService?wsdl,但是如果我在publishWsdl选项的ESB中提供它,则说它无法连接到该服务。如果我将其定义为自定义代理,则会抛出上面给出的异常。
在SOAP UI中,我给出了ESB中代理服务的WSDL,它只有mediate()方法,我猜是因为ESB无法连接到端点wsdl。