Pavel
There is no issue with https support, you can check by running sample 0
and the client as "ant stockquote -Dtrpurl=https://localhost:8443/
-Daddurl=https://localhost:9002/soap/SimpleStockQuoteService"; and see
how both client->synapse and synapse-> server communication can take
place over https
What you do need however is to make sure that your certificates and SSL
configuration between Synapse and the client and/or server is properly
setup. I am assuming that your https://gsb.nlm.cz server does not trust
the default demo certificate that Synapse presents and thus causes the
connection to hang. On your repository/conf/axis2.xml, you will need to
configure your trust and identity keystores for SSL. These are standard
Java keystores, and Google will help you find many documents on how this
should be done
<transportSender name="https"
class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
<parameter name="non-blocking" locked="false">true</parameter>
<parameter name="keystore" locked="false">
<KeyStore>
<Location>*identity.jks*</Location>
<Type>JKS</Type>
<Password>password</Password>
<KeyPassword>*password*</KeyPassword>
</KeyStore>
</parameter>
<parameter name="truststore" locked="false">
<TrustStore>
<Location>*trust.jks*</Location>
<Type>JKS</Type>
<Password>*password*</Password>
</TrustStore>
</parameter>
<!--<parameter
name="HostnameVerifier">DefaultAndLocalhost</parameter>
supports Strict|AllowAll|DefaultAndLocalhost or the default
if none specified -->
</transportSender>
Basically you will need to tell Synapse to trust the certificate of your
gsb.nlm.cz server by importing it, or the certificate of the CA for it
as a trusted cert into the trust.jks. If you are trying to use 2 way SSL
you will need to ensure that your external server trusts the identity
cert used by Synapse in identity.jks - or import a new cert as the
identity cert into that store.
asankha
Pavel Křehula wrote:
Hello,
we tryies to use Synapse in our project as a proxy. When using http
endpoint it works great.
But when I use https endpoint, after first request Synapse starts to
consume 100% of cpu time and blocks other processes from normal work.
Requests send to Synapse are processed in normal way.
I tryied several servers (endpoints) with ssl support - the behaviour
is the same.
When I then stop Synapse it logs following errors:
2008-02-06 10:31:09,475 [192.168.0.253-sittingbull] [Thread-16] INFO
SynapseServer Shutting down Apache Synapse ...
2008-02-06 10:31:09,475 [192.168.0.253-sittingbull]
[HttpCoreNIOListener] INFO HttpCoreNIOListener Listener Shutdown
2008-02-06 10:31:09,475 [192.168.0.253-sittingbull] [Thread-16] INFO
HttpCoreNIOListener Listener shut down
2008-02-06 10:31:09,475 [192.168.0.253-sittingbull]
[HttpCoreNIOListener] INFO HttpCoreNIOListener Listener Shutdown
2008-02-06 10:31:09,475 [192.168.0.253-sittingbull] [Thread-16] INFO
HttpCoreNIOListener Listener shut down
2008-02-06 10:31:10,428 [192.168.0.253-sittingbull] [I/O dispatcher 1]
ERROR ClientHandler HTTP connection [closed]: null
java.nio.channels.AsynchronousCloseException
at java.nio.channels.spi.AbstractInterruptibleChannel.end(Unknown
Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at
org.apache.http.impl.nio.reactor.SSLIOSession.receiveEncryptedData(SSLIOSession.java:225)
at
org.apache.http.impl.nio.reactor.SSLIOSession.isAppInputReady(SSLIOSession.java:245)
at
org.apache.synapse.transport.nhttp.SSLClientIOEventDispatch.inputReady(SSLClientIOEventDispatch.java:116)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at
org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
2008-02-06 10:31:10,428 [192.168.0.253-sittingbull] [I/O dispatcher 1]
ERROR ClientHandler I/O error : null
java.nio.channels.AsynchronousCloseException
at java.nio.channels.spi.AbstractInterruptibleChannel.end(Unknown
Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at
org.apache.http.impl.nio.reactor.SSLIOSession.receiveEncryptedData(SSLIOSession.java:225)
at
org.apache.http.impl.nio.reactor.SSLIOSession.isAppInputReady(SSLIOSession.java:245)
at
org.apache.synapse.transport.nhttp.SSLClientIOEventDispatch.inputReady(SSLClientIOEventDispatch.java:116)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at
org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
2008-02-06 10:31:10,475 [192.168.0.253-sittingbull] [I/O dispatcher 2]
ERROR ClientHandler HTTP connection [closed]: null
java.nio.channels.AsynchronousCloseException
at java.nio.channels.spi.AbstractInterruptibleChannel.end(Unknown
Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at
org.apache.http.impl.nio.reactor.SSLIOSession.receiveEncryptedData(SSLIOSession.java:225)
at
org.apache.http.impl.nio.reactor.SSLIOSession.isAppInputReady(SSLIOSession.java:245)
at
org.apache.synapse.transport.nhttp.SSLClientIOEventDispatch.inputReady(SSLClientIOEventDispatch.java:116)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at
org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
2008-02-06 10:31:10,475 [192.168.0.253-sittingbull] [I/O dispatcher 2]
ERROR ClientHandler I/O error : null
java.nio.channels.AsynchronousCloseException
at java.nio.channels.spi.AbstractInterruptibleChannel.end(Unknown
Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at
org.apache.http.impl.nio.reactor.SSLIOSession.receiveEncryptedData(SSLIOSession.java:225)
at
org.apache.http.impl.nio.reactor.SSLIOSession.isAppInputReady(SSLIOSession.java:245)
at
org.apache.synapse.transport.nhttp.SSLClientIOEventDispatch.inputReady(SSLClientIOEventDispatch.java:116)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:98)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:195)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:180)
at
org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:142)
at
org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:70)
at
org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:318)
at java.lang.Thread.run(Unknown Source)
2008-02-06 10:31:10,491 [192.168.0.253-sittingbull]
[HttpCoreNIOSender] INFO HttpCoreNIOSender Sender Shutdown
2008-02-06 10:31:10,491 [192.168.0.253-sittingbull] [Thread-16] INFO
HttpCoreNIOSender Sender shut down
2008-02-06 10:31:10,491 [192.168.0.253-sittingbull]
[HttpCoreNIOSender] INFO HttpCoreNIOSender Sender Shutdown
2008-02-06 10:31:10,491 [192.168.0.253-sittingbull] [Thread-16] INFO
HttpCoreNIOSender Sender shut down
2008-02-06 10:31:10,506 [192.168.0.253-sittingbull] [Thread-16] INFO
SynapseServer Shutdown complete
2008-02-06 10:31:10,506 [192.168.0.253-sittingbull] [Thread-16] INFO
SynapseServer Halting JVM
-------------------------------------------
content of configuration file:
<definitions xmlns="http://ws.apache.org/ns/synapse";>
<localEntry key="sec_policy" src="file:repository/conf/policy.xml"/>
<log level="simple"/>
<sequence name="fault">
<log level="custom">
<property name="text" value="SYNAPSE (LOCAL) error"/>
<property name="message"
expression="get-property('ERROR_MESSAGE')"/>
</log>
<makefault>
<code value="tns:Receiver"
xmlns:tns="http://www.w3.org/2003/05/soap-envelope"/>
<reason expression="get-property('ERROR_MESSAGE')"/>
</makefault>
<property name="RESPONSE" value="true"/>
<send/>
</sequence>
<proxy name="FindPerson" transports="http https">
<target>
<inSequence>
<log level="custom">
<property name="text" value="SYNAPSE (LOCAL)
processing"/>
<property name="message"
expression="get-property('direction')"/>
</log>
</inSequence>
<endpoint>
<address
uri="https://gsb.nlm.cz/csp/samples/FindPerson.cls";>
<timeout>
<duration>10</duration>
<action>fault</action>
</timeout>
</address>
</endpoint>
<outSequence>
<send/>
</outSequence>
</target>
<publishWSDL uri="file:repository/wsdl/PersonQuery.wsdl"/>
</proxy>
</definitions>
Is there any explanation of that behavior or some configuration change?
Thanks.
