在发布服务器或存储上登录时未验证的对等方
在发布服务器或存储上登录时未验证的对等方
提问于 2020-03-12 06:43:53
当登录到/publisher或/store时,我会得到"Peer未通过身份验证“错误。
为了提供更多的上下文,我创建了一个新的密钥存储库,并将其.pem证书导入了client-trustore.jks,最后更新了SSL密钥存储库配置,以使用这个新配置,如下所示:https://docs.wso2.com/display/ADMIN44x/Configuring+Keystores+in+WSO2+Products#Configuring%20keystores%20for%20SSL%20connections
启用SSL的WSO2日志:
%% Invalidated: [Session-11, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
http-nio-9443-exec-25, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
http-nio-9443-exec-25, WRITE: TLSv1.2 Alert, length = 2
http-nio-9443-exec-25, called closeSocket()
http-nio-9443-exec-25, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
http-nio-9443-exec-25, IOException in getSession(): javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
http-nio-9443-exec-45, READ: TLSv1.2 Alert, length = 2
http-nio-9443-exec-45, RECV TLSv1.2 ALERT: fatal, certificate_unknown
http-nio-9443-exec-45, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
http-nio-9443-exec-45, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
http-nio-9443-exec-45, called closeOutbound()
http-nio-9443-exec-45, closeOutboundInternal()
http-nio-9443-exec-45, SEND TLSv1.2 ALERT: warning, description = close_notify
http-nio-9443-exec-45, WRITE: TLSv1.2 Alert, length = 2
TID: [-1234] [] [2020-03-10 15:03:32,866] INFO {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - Permission cache updated for tenant -1234 {org.wso2.carbon.core.internal.permission.update.PermissionUpdater}
TID: [-1234] [] [2020-03-10 15:03:32,898] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://<serverPublicIP>:9443/services/AuthenticationAdmin] {org.apache.axis2.transport.http.HTTPSender}
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:450)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:276)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:186)我使用的keytool命令:
// Create the keystore
$ keytool -genkey -alias custom -keyalg RSA -keysize 2048 -keystore custom.jks -dname "CN=<myhostdomain>, OU=Home,O=Home,L=SL,S=WS,C=LK" -storepass wso2carbon -keypass wso2carbon
// Export the new keystore certificate
$ keytool -export -alias custom -keystore custom.jks -file custom.pem
// Import the new certificate into the client-truststore
$ keytool -import -alias custom -file custom.pem -keystore client-truststore.jks -storepass wso2carbon产品版本:
APIM2.6(不使用IS作为密钥管理器,只使用股票WSO2 API管理器)
回答 1
Stack Overflow用户
回答已采纳
发布于 2020-03-13 06:57:12
在一个干净的装置上不断地重复这个问题。问题是,我在浏览器中启用了H2数据库可视化,方法是在carbon.xml中更改此配置(注释):
<H2DatabaseConfiguration>
<property name="web" />
<property name="webPort">8082</property>
<property name="webAllowOthers" /> 由于某些原因,这会导致在登录到发布服务器或存储时,对等程序没有通过身份验证的错误。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/60648840
复制相关文章
相似问题
腾讯云开发者
