我正在尝试使用WSO2 IS作为KM安装WSO2 APIM(v3.0)的docker-compose。但是,我无法为WSO2 APIM设置CA证书。我已经设法为APIM创建新的密钥库,并将证书从sslForFree导入到新的密钥库。我还更新了Deployment.toml中的tls密钥库。一切似乎都正常,但是运行APIM时我仍然收到错误消息。能否请你帮忙?谢谢。
我的步骤如下: 1. keytool -genkey -keyalg RSA -keysize 2048 -keystore wso2carbonkeystore.jks -dname“ CN =,OU = Home,O = Home,L = SL,S = WS,C = LK” -storepass wso2carbon -keypass wso2carbon 2. keytool -certreq-文件ssl / newcertreq.csr -keystore wso2carbonkeystore.jks 3.从SSLforFree获取证书(ca_bundle.csr,certificate.csr) 4. keytool -importcert -trustcacerts -alias中间体RootCert-文件ca_bundle.crt -keystore wso2carbonkeystore.jks 5. keytool -importcert -trustcacerts -alias wso2carbon-文件certificate.crt -keystore wso2carbonkeystore.jks 6. keytool -export -alias wso2carbon-文件sslforfree.pem -keystore wso2carbonkeystore.jks -storepass wso2carbon 7. keytool -import -alias wso2carbon-文件sslforfree.pem -keystore client-truststore.jks -storepass wso2carbon 8.更新deployment.toml-keystore.tls的文件名已更新-> file_name =“ wso2carbonkeystor.jks”
我收到的错误消息: 错误-DataEndpointConnectionWorker尝试连接到端点时出错。无法借用ssl:// xxxxx:9711的客户端。 org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException:无法借用ssl:// xxxxx:9711的客户端。 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:145)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59)[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在java.util.concurrent.Executors $ RunnableAdapter.call(Executors.java:511)[?:1.8.0_222] 在java.util.concurrent.FutureTask.run(FutureTask.java:266)[?:1.8.0_222] 在java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)[?:1.8.0_222] 在java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)[?:1.8.0_222] 在java.lang.Thread.run(Thread.java:748)[?:1.8.0_222] 由以下原因引起:org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException:尝试登录到数据接收器时出错:/ xxxx:9711 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint.login(BinaryDataEndpoint.java:50)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:139)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] ...另外6个 引起原因:javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到到请求目标的有效证书路径 在sun.security.ssl.Alerts.getSSLException(Alerts.java:192)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.process_record(Handshaker.java:965)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)〜[?:1.8.0_222] 在sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)〜[?:1.8.0_222] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryEventSender.sendBinaryLoginMessage(BinaryEventSender.java:47)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint.login(BinaryDataEndpoint.java:43)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:139)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] ...另外6个 引起原因:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到到请求目标的有效证书路径 在sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)〜[?:1.8.0_222] 在sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)〜[?:1.8.0_222] 在sun.security.validator.Validator.validate(Validator.java:262)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.process_record(Handshaker.java:965)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)〜[?:1.8.0_222] 在sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)〜[?:1.8.0_222] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryEventSender.sendBinaryLoginMessage(BinaryEventSender.java:47)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint.login(BinaryDataEndpoint.java:43)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:139)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] ...另外6个 原因:sun.security.provider.certpath.SunCertPathBuilderException:无法找到到请求目标的有效证书路径 在sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)〜[?:1.8.0_222] 在sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)〜[?:1.8.0_222] 在java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)〜[?:1.8.0_222] 在sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)〜[?:1.8.0_222] 在sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)〜[?:1.8.0_222] 在sun.security.validator.Validator.validate(Validator.java:262)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)〜[?:1.8.0_222] 在sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)〜[?:1.8.0_222] 在sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)〜[?:1.8.0_222] 在sun.security.ssl.Handshaker.process_record(Handshaker.java:965)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)〜[?:1.8.0_222] 在sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)〜[?:1.8.0_222] 在sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)〜[?:1.8.0_222] 在java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)〜[?:1.8.0_222] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryEventSender.sendBinaryLoginMessage(BinaryEventSender.java:47)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.binary.BinaryDataEndpoint.login(BinaryDataEndpoint.java:43)〜[org.wso2.carbon.databridge.agent_5.2.12.jar :?] 在org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:139)〜[org.wso2.carbon.databridge.agent_5.2.12.jar:?]