Hi all,

I implemented "Fine-grained access control for SOAP services" (Refer 25th
pattern in this blog [1]) pattern using WSO2 EI 6.1.1 and WSO2 IS 5.3.0. I
was able to implement the pattern locally and tested it successfully. While
I'm moving to cloud setup, I got some errors while EI going to make the
connection with IS.

I got an error as follows:

[*2017-10-26 18:52:05,406] [EI-Core]  INFO - HTTPSender Unable to
sendViaPost to url[https://192.168.57.251/services/EntitlementService
<https://192.168.57.251/services/EntitlementService>]*
*javax.net.ssl.SSLPeerUnverifiedException: SSL peer failed hostname
validation for name: null*
* at
org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.verifyHostname(TLSProtocolSocketFactory.java:233)*
* at
org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.createSocket(TLSProtocolSocketFactory.java:186)*
* at
org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)*

After referring some docs and emails, found out we need to add following
property in the integrator.sh script.

*-Dorg.opensaml.httpclient.https.disableHostnameVerification=true \*

After adding that, again got an error as follows:

[2017-10-26 20:19:16,448] [EI-Core]  INFO - HTTPSender Unable to
sendViaPost to url[https://is.dev.wso2.org/services/EntitlementService]
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(
SSLSessionImpl.java:431)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.
verifyHostName(SSLProtocolSocketFactory.java:259)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.
createSocket(SSLProtocolSocketFactory.java:158)

Any idea on fixing this issue?

[1]
https://medium.facilelogin.com/thirty-solution-patterns-with-the-wso2-identity-server-16f9fd0c0389

-- 
Best Regards,

Dilshani Subasinghe
Software Engineer - QA *|* WSO2
lean *|* enterprise *|* middleware

Mobile : +94773375185 <+94%2077%20337%205185>
Blog    : dilshani.me

<https://wso2.com/signature>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to