sslwso2wso2-api-managerhostname
Unable to create API after changing hostname in WSO2 API Manager 4.1.0 GA Release
I have tried changing hostname in WSo2 API Manager 4.1.0 GA Release.
Below are the steps followed in Windows OS 11:
- Updated hostname in
<API-M_HOME>/repository/conf/deployment.toml
- Generated a new key store, export the public certificate from the keystore, and import that self signed certificate to the client-truststore.jks file also done.
- Hostname entry done in
/etc/hostsand values like below127.0.0.1 localhost dev.wso2.com - after made some changes in Carbon console as specified here , i could able to access
publisher, devportal, admin and carbonportal with host calleddev.wso2.com
- Certificate details shown like below from console URL
When restarting the server got below ERROR in wso2carbon.log even though console url is accessible with hostname.
ERROR - DBRetriever Error while executing the http client javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
Full Log:
[2023-02-20 13:04:48,707] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 4 seconds...
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : tokenRevocation of type topic for listener Siddhi-JMS-Consumer#tokenRevocation
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : keyManager of type topic for listener Siddhi-JMS-Consumer#keyManager
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : notification of type topic for listener Siddhi-JMS-Consumer#notification
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : cacheInvalidation of type topic for listener Siddhi-JMS-Consumer#cacheInvalidation
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : asyncWebhooksData of type topic for listener Siddhi-JMS-Consumer#asyncWebhooksData
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : throttleData of type topic for listener Siddhi-JMS-Consumer#throttleData
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : notification of type topic for listener Siddhi-JMS-Consumer#notification
[2023-02-20 13:04:48,758] INFO - JMSListener Started to listen on destination : throttleData of type topic for listener Siddhi-JMS-Consumer#throttleData
[2023-02-20 13:04:52,717] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 8 seconds...
[2023-02-20 13:05:00,746] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 16 seconds...
[2023-02-20 13:05:01,746] WARN - APILoggerManager Failed retrieving /api-logging-configs from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,746] WARN - SubscriptionDataLoaderImpl Failed retrieving /api-policies from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,766] WARN - SubscriptionDataLoaderImpl Failed retrieving /apis?gatewayLabel=Default from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,766] WARN - SubscriptionDataLoaderImpl Failed retrieving /application-policies from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,767] WARN - SubscriptionDataStore Failed retrieving webhooks subscription data from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds...
[2023-02-20 13:05:01,767] ERROR - DBRetriever Error while executing the http client
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest_aroundBody6(APIUtil.java:655) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest(APIUtil.java:648) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService_aroundBody10(DBRetriever.java:215) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService(DBRetriever.java:196) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:128) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts(DBRetriever.java:121) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup_aroundBody4(InMemoryAPIDeployer.java:172) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup(InMemoryAPIDeployer.java:156) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup_aroundBody2(GatewayStartupListener.java:134) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup(GatewayStartupListener.java:120) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway_aroundBody18(GatewayStartupListener.java:281) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0_aroundBody30(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run_aroundBody0(GatewayStartupListener.java:386) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run(GatewayStartupListener.java:383) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_291]
[2023-02-20 13:05:01,767] WARN - SubscriptionDataLoaderImpl Failed retrieving /application-key-mappings from remote endpoint: Certificate for <localhost> doesn't match any of the subject alternative names: []. Retrying after 15 seconds.
[2023-02-20 13:05:01,769] ERROR - InMemoryAPIDeployer Error deploying APIs to the Gateway
org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.exception.ArtifactSynchronizerException: Error while executing the http client
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:141) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts(DBRetriever.java:121) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup_aroundBody4(InMemoryAPIDeployer.java:172) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer.deployAllAPIsAtGatewayStartup(InMemoryAPIDeployer.java:156) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup_aroundBody2(GatewayStartupListener.java:134) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsAtStartup(GatewayStartupListener.java:120) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway_aroundBody18(GatewayStartupListener.java:281) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.deployArtifactsInGateway(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0_aroundBody30(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.access$0(GatewayStartupListener.java:270) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run_aroundBody0(GatewayStartupListener.java:386) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener$AsyncAPIDeployment.run(GatewayStartupListener.java:383) ~[org.wso2.carbon.apimgt.gateway_9.20.74.jar:?]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_291]
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Certificate for <localhost> doesn't match any of the subject alternative names: []
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient_4.5.13.wso2v1.jar:?]
at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest_aroundBody6(APIUtil.java:655) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.utils.APIUtil.executeHTTPRequest(APIUtil.java:648) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService_aroundBody10(DBRetriever.java:215) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.invokeService(DBRetriever.java:196) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
at org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.DBRetriever.retrieveAllArtifacts_aroundBody6(DBRetriever.java:128) ~[org.wso2.carbon.apimgt.impl_9.20.74.jar:?]
and i couldn't able to create API in publisher post this hostname change in product.
Noticed below logs while creating API in publisher
[2023-02-20 17:48:36,467] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 2 seconds...
[2023-02-20 17:48:38,485] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 4 seconds...
[2023-02-20 17:48:42,499] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 8 seconds...
[2023-02-20 17:48:50,512] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 16 seconds...
[2023-02-20 17:49:06,526] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 32 seconds...
[2023-02-20 17:49:38,536] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 64 seconds...
[2023-02-20 17:50:42,544] WARN - KeyManagerConfigurationDataRetriever Failed retrieving Key Manager Configurations from remote endpoint. Retrying after 128 seconds...
deployment.toml:
[server]
#hostname = "localhost"
hostname = "dev.wso2.com"
#offset=0
base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
#discard_empty_caches = false
server_role = "default"
[super_admin]
username = "admin"
password = "admin"
create_admin_account = true
[user_store]
type = "database_unique_id"
[database.apim_db]
type = "h2"
url = "jdbc:h2:./repository/database/WSO2AM_DB;AUTO_SERVER=TRUE;DB_CLOSE_ON_EXIT=FALSE"
username = "wso2carbon"
password = "wso2carbon"
[database.shared_db]
type = "h2"
url = "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE"
username = "wso2carbon"
password = "wso2carbon"
#[keystore.tls]
#file_name = "wso2carbon.jks"
#type = "JKS"
#password = "wso2carbon"
#alias = "wso2carbon"
#key_password = "wso2carbon"
[keystore.tls]
file_name = "devwso2.jks"
type = "JKS"
password = "wso2carbon"
alias = "dev.wso2.com"
key_password = "wso2carbon"
#[keystore.listener_profile]
#bind_address = "0.0.0.0"
#[keystore.primary]
#file_name = "wso2carbon.jks"
#type = "JKS"
#password = "wso2carbon"
#alias = "wso2carbon"
#key_password = "wso2carbon"
#[keystore.internal]
#file_name = "wso2carbon.jks"
#type = "JKS"
#password = "wso2carbon"
#alias = "wso2carbon"
#key_password = "wso2carbon"
[[apim.gateway.environment]]
name = "Default"
type = "hybrid"
provider = "wso2"
display_in_api_console = true
description = "This is a hybrid gateway that handles both production and sandbox token traffic."
show_as_token_endpoint_url = true
service_url = "https://dev.wso2.com:${mgt.transport.https.port}/services/"
username= "${admin.username}"
password= "${admin.password}"
ws_endpoint = "ws://dev.wso2.com:9099"
wss_endpoint = "wss://dev.wso2.com:8099"
http_endpoint = "http://dev.wso2.com:${http.nio.port}"
https_endpoint = "https://dev.wso2.com:${https.nio.port}"
websub_event_receiver_http_endpoint = "http://dev.wso2.com:9021"
websub_event_receiver_https_endpoint = "https://dev.wso2.com:8021"
[apim.sync_runtime_artifacts.gateway]
gateway_labels =["Default"]
[oauth.token_validation]
app_access_token_validity = -1
user_access_token_validity = -1
refresh_token_validity = -1
#[apim.cache.gateway_token]
#enable = true
#expiry_time = "900s"
#[apim.cache.resource]
#enable = true
#expiry_time = "900s"
#[apim.cache.km_token]
#enable = false
#expiry_time = "15m"
#[apim.cache.recent_apis]
#enable = false
#[apim.cache.scopes]
#enable = true
#[apim.cache.publisher_roles]
#enable = true
#[apim.cache.jwt_claim]
#enable = true
#expiry_time = "15m"
#[apim.cache.tags]
#expiry_time = "2m"
#[apim.analytics]
#enable = false
#auth_token = ""
[apim.analytics]
enable = true
config_endpoint = "https://analytics-event-auth.choreo.dev/auth/v1"
auth_token = "637e2cbb-64eb-4f1c-b48b-cd7bddf74b38"
#[apim.key_manager]
#service_url = "https://localhost:${mgt.transport.https.port}/services/"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
#pool.init_idle_capacity = 50
#pool.max_idle = 100
#key_validation_handler_type = "default"
#key_validation_handler_type = "custom"
#key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
[apim.key_manager]
enable_apikey_subscription_validation = true
#service_url = "https://localhost:${mgt.transport.https.port}/services/"
service_url = "https://dev.wso2.com:${mgt.transport.https.port}/services/"
username = "$ref{super_admin.username}"
password = "$ref{super_admin.password}"
#[apim.idp]
#server_url = "https://localhost:${mgt.transport.https.port}"
#authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
#oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
#oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"
#[apim.jwt]
#enable = true
#encoding = "base64" # base64,base64url
#generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
#claim_dialect = "http://wso2.org/claims"
#convert_dialect = false
#header = "X-JWT-Assertion"
#signing_algorithm = "SHA256withRSA"
#enable_user_claims = true
#claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"
#[apim.oauth_config]
#enable_outbound_auth_header = false
#auth_header = "Authorization"
#revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
#enable_token_encryption = false
#enable_token_hashing = false
#[apim.devportal]
#url = "https://localhost:${mgt.transport.https.port}/devportal"
[apim.devportal]
url = "https://dev.wso2.com:${mgt.transport.https.port}/devportal"
#enable_application_sharing = false
#if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
#application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
#application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
#display_multiple_versions = false
#display_deprecated_apis = false
#enable_comments = true
#enable_ratings = true
#enable_forum = true
#enable_anonymous_mode=true
#enable_cross_tenant_subscriptions = true
#default_reserved_username = "apim_reserved_user"
[apim.cors]
allow_origins = "*"
allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
allow_credentials = false
#[apim.throttling]
#enable_data_publishing = true
#enable_policy_deploy = true
#enable_blacklist_condition = true
#enable_persistence = true
#throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"]
#[apim.throttling.blacklist_condition]
#start_delay = "5m"
#period = "1h"
#[apim.throttling.jms]
#start_delay = "5m"
#[apim.throttling.event_sync]
#hostName = "0.0.0.0"
#port = 11224
#[apim.throttling.event_management]
#hostName = "0.0.0.0"
#port = 10005
#[[apim.throttling.url_group]]
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
#type = "loadbalance"
#[[apim.throttling.url_group]]
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
#type = "failover"
[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://dev.wso2.com:9611","tcp://dev.wso2.com:9611"]
traffic_manager_auth_urls = ["ssl://dev.wso2.com:9711","ssl://dev.wso2.com:9711"]
type = "loadbalance"
[[apim.throttling.url_group]]
traffic_manager_urls = ["tcp://dev.wso2.com:9611","tcp://dev.wso2.com:9611"]
traffic_manager_auth_urls = ["ssl://dev.wso2.com:9711","ssl://dev.wso2.com:9711"]
type = "failover"
#[apim.workflow]
#enable = false
#service_url = "https://localhost:9445/bpmn"
#username = "$ref{super_admin.username}"
#password = "$ref{super_admin.password}"
#callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
#token_endpoint = "https://localhost:${https.nio.port}/token"
#client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
#client_registration_username = "$ref{super_admin.username}"
#client_registration_password = "$ref{super_admin.password}"
#data bridge config
#[transport.receiver]
#type = "binary"
#worker_threads = 10
#session_timeout = "30m"
#keystore.file_name = "$ref{keystore.tls.file_name}"
#keystore.password = "$ref{keystore.tls.password}"
#tcp_port = 9611
#ssl_port = 9711
#ssl_receiver_thread_pool_size = 100
#tcp_receiver_thread_pool_size = 100
#ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
#ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
#[apim.notification]
#from_address = "APIM.com"
#username = "APIM"
#password = "APIM+123"
#hostname = "localhost"
#port = 3025
#enable_start_tls = false
#enable_authentication = true
#[apim.token.revocation]
#notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
#enable_realtime_notifier = true
#realtime_notifier.ttl = 5000
#enable_persistent_notifier = true
#persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
#persistent_notifier.ttl = 5000
#persistent_notifier.username = "root"
#persistent_notifier.password = "root"
[[event_handler]]
name="userPostSelfRegistration"
subscriptions=["POST_ADD_USER"]
[service_provider]
sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
[database.local]
url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
[[event_listener]]
id = "token_revocation"
type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
name = "org.wso2.is.notification.ApimOauthEventInterceptor"
order = 1
[event_listener.properties]
notification_endpoint = "https://dev.wso2.com:${mgt.transport.https.port}/internal/data/v1/notify"
username = "${admin.username}"
password = "${admin.password}"
'header.X-WSO2-KEY-MANAGER' = "default"
[oauth.grant_type.token_exchange]
enable = true
allow_refresh_tokens = true
iat_validity_period = "1h"
[apim.sdk]
supported_languages = ["android", "java", "csharp", "dart", "groovy", "javascript", "jmeter", "perl", "php", "python", "ruby", "swift5", "clojure"]
how to resolve that SSLPeerUnverifiedException ERROR and why i am unable to create API in publisher?
Solution
As you have generated a new certificate and it does not contain localhost as an alternative DNS, you are getting this issue. To overcome this issue, you can replace localhost values with dev.wso2.com.
You can add the following configuration to the deployment.toml and restart the server.
[apim.throttling]
service_url = "https://dev.wso2.com:9443/services/"
- SSL error unsafe legacy renegotiation disabled
- "SSL certificate verify failed" using pip to install packages
- Spring 5 WebClient using ssl
- Gitlab doesn't loads new ssl cert and key
- Jetty Invalid SNI issue even when certificate is correct
- SSL on JBOSS AS 7
- "aborting due to insecure configuration" while configuring TLS on Rust rocket server
- How to wrap net.Conn.Read() in Golang
- " An operation was attempted on something that is not a socket" when I try to add SSL authentication
- Error Importing SSL certificate : Not an X.509 Certificate
- SSL verification error at depth 0: unable to get local issuer certificate (20)
- Keycloak SSL setup using docker image
- Make OpenSSL accept expired certificates
- .NET Framework equivalent of IApplicationBuilder.UseForwardedHeaders()
- Setting up SSL on a local xampp/apache server
- Problem when installing Python from source, SSL package missing even though openssl installed
- NGINX to reverse proxy websockets AND enable SSL (wss://)?
- Is it safe sharing Self-signed certificate to other persons?
- curl - Is data encrypted when using the --insecure option?
- SSL certificate installation on Wildfly server
- Enable SSL for my WCF service
- Gracefully Shutdown TLS connection in C OpenSSL
- Google Chrome localhost | NET::ERR_CERT_AUTHORITY_INVALID
- IntelliJ changes cipher spec after I set it in the properties
- How to change/tweak Python 3.10 default SSL settings for requests - sslv3 alert handshake failure
- SSL peer shut down incorrectly in Java
- TLS/SSL Connection for MQTT in java
- Nginx does redirect, not proxy
- kubectl unable to connect to server: x509: certificate signed by unknown authority
- Android System.err: javax.net.ssl.SSLHandshakeException: Handshake failed