文档建议反馈控制台
首页
学习
活动
专区
圈层
工具
MCP广场
文章/答案/技术大牛
发布
首页
学习
活动
专区
圈层
工具
MCP广场
返回腾讯云官网
社区首页 >问答首页 >WSO2身份服务器和分析无法正常工作

WSO2身份服务器和分析无法正常工作
EN

Stack Overflow用户
提问于 2020-10-08 09:28:14
回答 1查看 175关注 0票数 0

我尝试使用docker-compose运行WSO2 identity server 5.9.0和Analytics 5.8.0 (我遵循以下说明:https://github.com/wso2/docker-is/tree/5.9.x/docker-compose/is-with-analytics)

当我使用admin帐户在localhost:9443/dashboard登录时,我得到了以下错误。

代码语言:javascript
运行
复制
identity-server_1                      | [2020-10-08 01:18:11,521] [cc08159e-92a6-41ce-a34c-f1ff61a15600] ERROR {org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker} - Error while trying to connect to the endpoint. Cannot borrow client for ssl://identity-server-analytics-worker:7712. org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Cannot borrow client for ssl://identity-server-analytics-worker:7712.
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:145)
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59)
identity-server_1                      |    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
identity-server_1                      |    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
identity-server_1                      |    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
identity-server_1                      |    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
identity-server_1                      |    at java.lang.Thread.run(Thread.java:748)
identity-server_1                      | Caused by: org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Error while trying to login to the data receiver.
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:54)
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:139)
identity-server_1                      |    ... 6 more
identity-server_1                      | Caused by: org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
identity-server_1                      |    at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:161)
identity-server_1                      |    at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:73)
identity-server_1                      |    at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:62)
identity-server_1                      |    at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.send_connect(ThriftSecureEventTransmissionService.java:104)
identity-server_1                      |    at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.connect(ThriftSecureEventTransmissionService.java:95)
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:47)
identity-server_1                      |    ... 7 more
identity-server_1                      | Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
identity-server_1                      |    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
identity-server_1                      |    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
identity-server_1                      |    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
identity-server_1                      |    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
identity-server_1                      |    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
identity-server_1                      |    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
identity-server_1                      |    at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
identity-server_1                      |    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
identity-server_1                      |    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
identity-server_1                      |    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
identity-server_1                      |    at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:159)
identity-server_1                      |    ... 12 more
identity-server_1                      | Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
identity-server_1                      |    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
identity-server_1                      |    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
identity-server_1                      |    at sun.security.validator.Validator.validate(Validator.java:262)
identity-server_1                      |    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
identity-server_1                      |    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)
identity-server_1                      |    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
identity-server_1                      |    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
identity-server_1                      |    ... 22 more
identity-server_1                      | Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
identity-server_1                      |    at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
identity-server_1                      |    at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
identity-server_1                      |    at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
identity-server_1                      |    at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
identity-server_1                      |    ... 28 more
identity-server_1                      | 
identity-server_1                      | [2020-10-08 01:18:16,164] [cc08159e-92a6-41ce-a34c-f1ff61a15600]  WARN {org.apache.thrift.transport.TIOStreamTransport} - Error closing output stream. java.net.SocketException: Socket is closed
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1524)
identity-server_1                      |    at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1545)
identity-server_1                      |    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
identity-server_1                      |    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
identity-server_1                      |    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
identity-server_1                      |    at java.io.FilterOutputStream.close(FilterOutputStream.java:158)
identity-server_1                      |    at org.apache.thrift.transport.TIOStreamTransport.close(TIOStreamTransport.java:110)
identity-server_1                      |    at org.apache.thrift.transport.TSocket.close(TSocket.java:235)
identity-server_1                      |    at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftSecureClientPoolFactory.terminateClient(ThriftSecureClientPoolFactory.java:99)
identity-server_1                      |    at org.wso2.carbon.databridge.agent.client.AbstractClientPoolFactory.destroyObject(AbstractClientPoolFactory.java:71)
identity-server_1                      |    at org.apache.commons.pool.impl.GenericKeyedObjectPool.evict(GenericKeyedObjectPool.java:1976)
identity-server_1                      |    at org.apache.commons.pool.impl.GenericKeyedObjectPool$Evictor.run(GenericKeyedObjectPool.java:2350)
identity-server_1                      |    at java.util.TimerThread.mainLoop(Timer.java:555)
identity-server_1                      |    at java.util.TimerThread.run(Timer.java:505)
identity-server_1                      |

此外,当我进入分析仪表板(https://localhost:9643/portal/)时,我得到了以下错误

代码语言:javascript
运行
复制
identity-server-analytics-dashboard_1  | [2020-10-08 01:24:22,273] ERROR {org.wso2.transport.http.netty.contractimpl.listener.WebSocketServerHandshakeHandler} - Error during WebSocket server handshake io.netty.handler.codec.DecoderException: javax.net.ssl.SSLException: Received fatal alert: bad_certificate
identity-server-analytics-dashboard_1  |    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459)
identity-server-analytics-dashboard_1  |    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265)
identity-server-analytics-dashboard_1  |    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
identity-server-analytics-dashboard_1  |    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
identity-server-analytics-dashboard_1  |    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
identity-server-analytics-dashboard_1  |    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1359)
identity-server-analytics-dashboard_1  |    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
identity-server-analytics-dashboard_1  |    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
identity-server-analytics-dashboard_1  |    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:935)
identity-server-analytics-dashboard_1  |    at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:141)
identity-server-analytics-dashboard_1  |    at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:645)
identity-server-analytics-dashboard_1  |    at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:580)
identity-server-analytics-dashboard_1  |    at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:497)
identity-server-analytics-dashboard_1  |    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:459)
identity-server-analytics-dashboard_1  |    at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:886)
identity-server-analytics-dashboard_1  |    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
identity-server-analytics-dashboard_1  |    at java.lang.Thread.run(Thread.java:748)
identity-server-analytics-dashboard_1  | Caused by: javax.net.ssl.SSLException: Received fatal alert: bad_certificate
identity-server-analytics-dashboard_1  |    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1647)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1615)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1781)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1070)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:896)
identity-server-analytics-dashboard_1  |    at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:766)
identity-server-analytics-dashboard_1  |    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
identity-server-analytics-dashboard_1  |    at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:292)
identity-server-analytics-dashboard_1  |    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1248)
identity-server-analytics-dashboard_1  |    at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1159)
identity-server-analytics-dashboard_1  |    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1194)
identity-server-analytics-dashboard_1  |    at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489)
identity-server-analytics-dashboard_1  |    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428)
identity-server-analytics-dashboard_1  |    ... 16 more
identity-server-analytics-dashboard_1  |

并且分析仪表板未检测到Identity Server的登录日志。我想正确地使用分析,并清楚地检测登录日志。

我使用的是Ubuntu 18.04 LTS。我怎么才能修复它?

ssl
wso2
wso2is
wso2carbon
EN

回答 1

Stack Overflow用户

发布于 2020-10-09 00:56:41

查看堆栈跟踪,您的Analytics Server的公共证书似乎没有导入到Identity Server的client-truststore.jks中。(需要重新启动)

使用以下命令导出您的Analytics服务器的公共证书。

keytool -exportcert -keystore wso2carbon.jks -alias [alias] -file cert.cer

使用以下命令将提取的证书导入Identity Server的客户机信任库。

keytool -importcert -file cert.cer -keystore client-truststore.jks -alias wso2-analytics

重新启动Identity Server。

P.S.

要找到第一个命令的alias值,您可能需要使用下面的命令列出Analytics Server的wso2carbon.jks的所有证书,并找到表示为PrivateKeyEntry的证书。使用该证书的别名。

keytool -list -v -keystore wso2carbon.jks

票数 0
EN
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:

https://stackoverflow.com/questions/64254530

复制
相关文章

相似问题

领券

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2025 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有 

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 深公网安备号 44030502008569

腾讯云计算(北京)有限责任公司 京ICP证150476号 |  京ICP备11018762号 | 京公网安备号11010802020287

问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档