在wso2-IoT上更改IP和证书时出错

时间:2017-08-31 10:48:12

标签: wso2 wso2iot

我刚刚安装了新版本的wso2-iot(3.1.0)。

我命令远程使用它,我已使用脚本/scripts/change-ip.sh将IP从localhost更改为服务器的IP地址。

一切似乎运作良好,但当我登录https://IP:9443/devicemgr时,我收到了以下信息:

An Error Occurred!
HTTP Status : 500

org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException: failed to retrieve oauth token using jwt

有人遇到过同样的问题吗? 有解决方案吗?

由于

我试过在3台服务器上安装wso2-iot:

  • 它适用于带有openjdk版本“1.8.0_141”
    • 的Debian 9.1
  • 我在使用openjdk版本“1.8.0_141”
    • 的Debian 8.8上失败了
  • 使用java版“1.8.0_144”
    • 在Debian 8.7上失败

4 个答案:

答案 0 :(得分:0)

问题的一个原因是IoT_Home / conf / identity / identity-providers / iot_default.xml中没有正确的证书。请确保正确添加。 原因可能是在change-ip.sh脚本中,“sed -e”在某些Linux操作系统版本上不起作用。

答案 1 :(得分:0)

当我运行io-server.sh脚本时,我收到了以下的java消息

[2017-09-04 09:25:05,244] [IoT-Core]  INFO - {org.wso2.carbon.ui.internal.CarbonUIServiceComponent} Mgt Console URL  : https://10.5.0.68:9443/carbon/
[2017-09-04 09:25:11,654] [IoT-Core] ERROR - {org.apache.synapse.transport.passthru.TargetHandler} I/O error: Host name verification failed for host : ducky.domaine-mairie.lan
javax.net.ssl.SSLException: Host name verification failed for host : ducky.domaine-mairie.lan
    at org.apache.synapse.transport.http.conn.ClientSSLSetupHandler.verify(ClientSSLSetupHandler.java:171)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:308)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:410)
    at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
    at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
    at java.lang.Thread.run(Thread.java:748)
[2017-09-04 09:25:11,726] [IoT-Core]  WARN - {org.apache.synapse.endpoints.EndpointContext} Endpoint : AnonymousEndpoint with address https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token will be marked SUSPENDED as it failed
[2017-09-04 09:25:11,728] [IoT-Core]  WARN - {org.apache.synapse.endpoints.EndpointContext} Suspending endpoint : AnonymousEndpoint with address https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token - current suspend duration is : 30000ms - Next retry after : Mon Sep 04 09:25:41 CEST 2017
Exception in thread "Thread-36" org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException: failed to retrieve oauth token using jwt
    at org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor.apply(OAuthRequestInterceptor.java:118)
    at feign.SynchronousMethodHandler.targetRequest(SynchronousMethodHandler.java:158)
    at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:88)
    at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:76)
    at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:103)
    at com.sun.proxy.$Proxy40.apisGet(Unknown Source)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherServiceImpl.publishAPI(APIPublisherServiceImpl.java:53)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler.publishAPIs(APIPublisherStartupHandler.java:97)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler.access$500(APIPublisherStartupHandler.java:30)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler$1.run(APIPublisherStartupHandler.java:69)
    at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException: Error when parsing the response <am:fault xmlns:am="http://wso2.org/apimanager"><am:code>101500</am:code><am:type>Status report</am:type><am:message>Runtime Error</am:message><am:description>Error in Sender</am:description></am:fault>
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getTokenInfo(JWTClient.java:169)
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getAccessToken(JWTClient.java:79)
    at org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor.apply(OAuthRequestInterceptor.java:99)
    ... 10 more
Caused by: Unexpected character (<) at position 0.
    at org.json.simple.parser.Yylex.yylex(Unknown Source)
    at org.json.simple.parser.JSONParser.nextToken(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getTokenInfo(JWTClient.java:153)
    ... 12 more

其中10.5.0.68是我服务器的IP,ducky.domaine-mairie.lan是服务器的名称。显然,脚本尝试使用dns名称而不是IP。 我希望这对决议有所帮助。

答案 2 :(得分:0)

change-ip.sh不符合我的口味。缺乏信息

答案 3 :(得分:0)

讨论了类似问题here

问题的一个原因可能是/ etc / hosts文件有条目将机器IP指向主机名。即使IP指向localhost也可能导致此问题。 当验证证书的通用名称时,会发生这种情况,它指向主机名。由于证书的通用名称是本地IP(由change-ip.sh脚本创建),并且当从具有相同IP的/ etc / hosts文件中找到主机名时,将导致主机名验证失败。这将导致上述问题,无法检索JWT令牌。报告了类似的问题here

相关问题
最新问题