I’m trying to consume a secured web service hosted on WSO2 AS, so I created a new certificate in the existing wso2carbon.jks file of the server and add it to the client JVM cacerts but I’m getting this error:
java.security.cert.CertificateException: No subject alternative names present
Nevertheless if I create a brand new wso2carbon.jks and overwrite the old one in the server after add the new certificate to the client JVM cacerts I can consume the secured service but other things in AS stop working like datasources, I tried adding the new certificate to the client-truststore.jks in the server, but datasource still don’t work. I’m working with AS 5.0.0 Thanks in advance.
When you add your own certificate, you need to modify the WSO2 configuration files to point to your certificate. Basically, you need to modify repository/conf/carbon.xml, and repository/conf/tomcat/catalina-server.xml. In case of ESB, you need to modify repository/conf/axis2/axis2.xml as well. The changes needed are described in this blog.
The error that you faced with data sources is because of the change of certificates. The reason is that, WSO2 encrypts the datasource passwords using the current keystore certificate at the time of datasource creation. To fix the error, you will need to remove your datasources, and re-add them. No need to re-create your data-services though.