分发和部署WSO2 API Manager组件

时间:2015-08-12 16:33:00

标签: wso2 wso2-am

我安装了分布式WSO2 API Manager Componentes。这非常有效,但是当我订阅API并生成令牌时,会显示以下错误:

  

"令牌撤销失败:HTTP错误代码:500"

日志:

[2015-08-12 13:28:59,623] ERROR - TargetHandler I/O error: Host name verification failed for host : 189.9.134.48
javax.net.ssl.SSLException: Host name verification failed for host : 189.9.134.48
    at org.apache.synapse.transport.http.conn.ClientSSLSetupHandler.verify(ClientSSLSetupHandler.java:152)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:285)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.outboundTransport(SSLIOSession.java:420)
    at org.apache.http.impl.nio.reactor.AbstractIODispatch.outputReady(AbstractIODispatch.java:150)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.writable(BaseIOReactor.java:181)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:346)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
    at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
    at java.lang.Thread.run(Thread.java:745)
[2015-08-12 13:28:59,627]  WARN - EndpointContext Endpoint : AnonymousEndpoint will be marked SUSPENDED as it failed
[2015-08-12 13:28:59,628]  WARN - EndpointContext Suspending endpoint : AnonymousEndpoint - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Wed Aug 12 13:29:29 BRT 2015
[2015-08-12 13:28:59,629]  INFO - LogMediator STATUS = Executing token 'fault' sequence, ERROR_CODE = 101500, ERROR_MESSAGE = Error in Sender
[2015-08-12 13:28:59,635] ERROR - subscription-add:jag java.lang.RuntimeException: Token revoke failed : HTTP error code : 500
[2015-08-12 13:29:09,641] ERROR - SourceHandler I/O error: Conexão fechada pela outra ponta

我该如何解决这个问题?我正在使用API​​M 1.9。

1 个答案:

答案 0 :(得分:1)

您有两种方法可以解决此问题。以下是在生产环境中推荐。第二种方式不建议在生产环境中

方式1

  1. 您在验证主机名“189.9.134.48”时遇到问题。生成密钥时,189.9.134.48应该是您的公用名(CN)。您必须将WSO2 IS服务器的公钥证书导入WSO2 APIM服务器。您可以使用以下命令从密钥库中提取公钥证书。进入<IS_HOME>/repository/resources/security/目录

    keytool -export -keystore <IS_Store> -alias <alias_of_IS_certificate> -file <IS_certificate>.cer

  2. 应将IS的SSL证书导入APIM服务器的client-truststore.jks。 如果APIM服务器已启动,请将其关闭。 转到<APIM_HOME>/repository/resources/security/目录。 使用以下命令将appserver的公钥导入client-truststore.jks文件 在终端。

    keytool -import -alias <alias_of_IS_certificate> -file <IS_certificate>.cer -keystore client-truststore.jks -storepass wso2carbon

    重新启动APIM服务器。

    3. 方式2

    <parameter name="HostnameVerifier">文件的HTTPS传输发件人配置中将AllowAll元素设置为<APIM_HOME>/repository/conf/axis2/axis2.xml。例如,<parameter name="HostnameVerifier">AllowAll</parameter>

    当API Manager充当客户端并执行出站服务调用时,此参数将验证服务器证书的主机名。

相关问题
最新问题