yes seems its the same issues. I was able to resolve it by following the steps in that thread.
Cheers, NuwanS. On Tue, Nov 28, 2017 at 3:31 PM, Anuruddha Liyanarachchi < anurudd...@wso2.com> wrote: > Hi Nuwan, > > Are you using a load balancer to access the KM node? A similar issue is > discussed in mail thread[1] where nginx sending a wrong certificate if > the client doesn't send SNI information to the server. > > [1] Publisher/Store nodes are throwing an error "unable to find valid > certification path to requested target > > > On Tue, Nov 28, 2017 at 2:34 PM, Abimaran Kugathasan <abima...@wso2.com> > wrote: > >> Hi Nuwan, >> >> Have you generated KeyStore for all the nodes? CN property belongs to >> KeyStore. What's the value you have given to CN when you generate KeyStore? >> Importing public keys to each other's client-truststore don't have any >> impact on this problem. >> >> On Tue, Nov 28, 2017 at 11:29 AM, Isuru Haththotuwa <isu...@wso2.com> >> wrote: >> >>> This means that the actual URL what it was trying to access >>> (km.dev.wso2.org <http://km.dev.wso2.org>) presented a certificate with >>> the CN gw.dev.wso2.org. <http://gw.dev.wso2.org> >>> The server at the host km.dev.wso2.com should have a public certificate >>> with the same hostname as CN. And since you seem to have a common domain >>> dev.wso2.org, you can generate a SSL key pair with a wildcard - *. >>> dev.wso2.org. No need to generate separately for each instance. >>> <http://gw.dev.wso2.org> >>> >>> On Tue, Nov 28, 2017 at 11:21 AM, Nuwan Silva <nuw...@wso2.com> wrote: >>> >>>> Hi Team, >>>> >>>> I'm getting the above issue when trying to login to publisher. I have >>>> added the certificates of all the instances of the deployment to a single >>>> client-truststore and copied to all servers. >>>> >>>> checking via >>>> keytool -list -v -keystore client-truststore.jks >>>> >>>> does show the certificates. What can be the cause of this? >>>> >>>> TID: [-1234] [] [2017-11-28 05:43:47,637] INFO >>>> {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - >>>> Permission cache updated for tenant -1234 {org.wso2.carbon.core.internal >>>> .permission.update.PermissionUpdater} >>>> TID: [-1234] [] [2017-11-28 05:43:48,009] INFO { >>>> org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost >>>> to url[https://km.dev.wso2.org:443/services/AuthenticationAdmin] { >>>> org.apache.axis2.transport.http.HTTPSender} >>>> javax.net.ssl.SSLException: hostname in certificate didn't match: < >>>> km.dev.wso2.org> != <gw.dev.wso2.org> >>>> at org.apache.commons.httpclient.protocol.SSLProtocolSocketFact >>>> ory.verifyHostName(SSLProtocolSocketFactory.java:436) >>>> at org.apache.commons.httpclient.protocol.SSLProtocolSocketFact >>>> ory.verifyHostName(SSLProtocolSocketFactory.java:302) >>>> at org.apache.commons.httpclient.protocol.SSLProtocolSocketFact >>>> ory.verifyHostName(SSLProtocolSocketFactory.java:273) >>>> at org.apache.commons.httpclient.protocol.SSLProtocolSocketFact >>>> ory.createSocket(SSLProtocolSocketFactory.java:183) >>>> at org.apache.commons.httpclient.HttpConnection.open(HttpConnec >>>> tion.java:707) >>>> at org.apache.commons.httpclient.MultiThreadedHttpConnectionMan >>>> ager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionM >>>> anager.java:1361) >>>> at org.apache.commons.httpclient.HttpMethodDirector.executeWith >>>> Retry(HttpMethodDirector.java:387) >>>> at org.apache.commons.httpclient.HttpMethodDirector.executeMeth >>>> od(HttpMethodDirector.java:171) >>>> at org.apache.commons.httpclient.HttpClient.executeMethod(HttpC >>>> lient.java:397) >>>> at org.apache.axis2.transport.http.AbstractHTTPSender.executeMe >>>> thod(AbstractHTTPSender.java:682) >>>> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS >>>> ender.java:195) >>>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.j >>>> ava:77) >>>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w >>>> riteMessageWithCommons(CommonsHTTPTransportSender.java:451) >>>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i >>>> nvoke(CommonsHTTPTransportSender.java:278) >>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) >>>> at org.apache.axis2.description.OutInAxisOperationClient.send(O >>>> utInAxisOperation.java:430) >>>> at org.apache.axis2.description.OutInAxisOperationClient.execut >>>> eImpl(OutInAxisOperation.java:225) >>>> at org.apache.axis2.client.OperationClient.execute(OperationCli >>>> ent.java:149) >>>> at org.wso2.carbon.authenticator.stub.AuthenticationAdminStub.l >>>> ogin(AuthenticationAdminStub.java:659) >>>> at org.wso2.carbon.apimgt.hostobjects.APIProviderHostObject.jsF >>>> unction_login(APIProviderHostObject.java:267) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >>>> ssorImpl.java:62) >>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >>>> thodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:498) >>>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) >>>> at org.mozilla.javascript.FunctionObject.call(FunctionObject.ja >>>> va:386) >>>> at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime >>>> .java:42) >>>> at org.jaggeryjs.rhino.publisher.modules.user.c1._c_anonymous_1 >>>> (/publisher/modules/user/login.jag:19) >>>> at org.jaggeryjs.rhino.publisher.modules.user.c1.call(/publishe >>>> r/modules/user/login.jag) >>>> at org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRunti >>>> me.java:2430) >>>> at org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction. >>>> java:269) >>>> at org.mozilla.javascript.IdFunctionObject.call(IdFunctionObjec >>>> t.java:97) >>>> at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime >>>> .java:42) >>>> at org.jaggeryjs.rhino.publisher.modules.user.c0._c_anonymous_1 >>>> (/publisher/modules/user/module.jag:5) >>>> at org.jaggeryjs.rhino.publisher.modules.user.c0.call(/publishe >>>> r/modules/user/module.jag) >>>> at org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime >>>> .java:52) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> ._c_anonymous_1(/publisher/site/blocks/user/login/ajax/login.jag:26) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> .call(/publisher/site/blocks/user/login/ajax/login.jag) >>>> at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime >>>> .java:23) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> ._c_script_0(/publisher/site/blocks/user/login/ajax/login.jag:5) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> .call(/publisher/site/blocks/user/login/ajax/login.jag) >>>> at org.mozilla.javascript.ContextFactory.doTopCall(ContextFacto >>>> ry.java:394) >>>> at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime >>>> .java:3091) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> .call(/publisher/site/blocks/user/login/ajax/login.jag) >>>> at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0 >>>> .exec(/publisher/site/blocks/user/login/ajax/login.jag) >>>> at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(Rhi >>>> noEngine.java:567) >>>> at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngi >>>> ne.java:273) >>>> at org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebApp >>>> Manager.java:588) >>>> at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(Web >>>> AppManager.java:508) >>>> at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServ >>>> let.java:29) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) >>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) >>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>> lter(ApplicationFilterChain.java:303) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>> licationFilterChain.java:208) >>>> at org.apache.catalina.core.ApplicationDispatcher.invoke(Applic >>>> ationDispatcher.java:743) >>>> at org.apache.catalina.core.ApplicationDispatcher.processReques >>>> t(ApplicationDispatcher.java:485) >>>> at org.apache.catalina.core.ApplicationDispatcher.doForward(App >>>> licationDispatcher.java:377) >>>> at org.apache.catalina.core.ApplicationDispatcher.forward(Appli >>>> cationDispatcher.java:337) >>>> at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFil >>>> ter.java:21) >>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>> lter(ApplicationFilterChain.java:241) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>> licationFilterChain.java:208) >>>> at org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreven >>>> tionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53) >>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>> lter(ApplicationFilterChain.java:241) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>> licationFilterChain.java:208) >>>> at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilte >>>> r(HttpHeaderSecurityFilter.java:124) >>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>> lter(ApplicationFilterChain.java:241) >>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>> licationFilterChain.java:208) >>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>>> dWrapperValve.java:219) >>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>>> dContextValve.java:110) >>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>>> uthenticatorBase.java:506) >>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>>> stValve.java:169) >>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>>> rtValve.java:103) >>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInv >>>> ocation(CompositeValve.java:99) >>>> at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke >>>> (CarbonTomcatValve.java:47) >>>> at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(Tena >>>> ntLazyLoaderValve.java:57) >>>> at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invok >>>> eValves(TomcatValveContainer.java:47) >>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(Comp >>>> ositeValve.java:62) >>>> at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetection >>>> Valve.invoke(CarbonStuckThreadDetectionValve.java:159) >>>> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogVa >>>> lve.java:962) >>>> at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve. >>>> invoke(CarbonContextCreatorValve.java:57) >>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>>> EngineValve.java:116) >>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>>> apter.java:445) >>>> at org.apache.coyote.http11.AbstractHttp11Processor.process(Abs >>>> tractHttp11Processor.java:1115) >>>> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler >>>> .process(AbstractProtocol.java:637) >>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun >>>> (NioEndpoint.java:1775) >>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(N >>>> ioEndpoint.java:1734) >>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>>> Executor.java:1142) >>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>>> lExecutor.java:617) >>>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r >>>> un(TaskThread.java:61) >>>> >>>> >>>> -- >>>> >>>> >>>> *Nuwan Silva* >>>> *Associate Technical Lead* >>>> Mobile: +9477 980 4543 <077%20980%204543> >>>> >>>> WSO2 Inc. >>>> lean . enterprise . middleware. >>>> http://www.wso2.com >>>> >>> >>> >>> >>> -- >>> Thanks and Regards, >>> >>> Isuru H. >>> +94 716 358 048 <+94%2071%20635%208048>* <http://wso2.com/>* >>> >>> >>> >> >> >> -- >> Thanks >> Abimaran Kugathasan >> Senior Software Engineer - API Technologies >> >> Email : abima...@wso2.com >> Mobile : +94 773922820 <+94%2077%20392%202820> >> >> <http://stackoverflow.com/users/515034> >> <http://lk.linkedin.com/in/abimaran> >> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> >> <https://twitter.com/abimaran> >> >> > > > -- > *Thanks and Regards,* > Anuruddha Lanka Liyanarachchi > Senior Software Engineer - WSO2 > Mobile : +94 (0) 712762611 > Tel : +94 112 145 345 > a <thili...@wso2.com>nurudd...@wso2.com > -- *Nuwan Silva* *Associate Technical Lead* Mobile: +9477 980 4543 WSO2 Inc. lean . enterprise . middleware. http://www.wso2.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev