SSL-Connection causes javax.net.ssl.SSLException:

2019-03-02 20:40发布

I am currently setting up a dockerized WSO Api Manager. We have got a wildcard certificates for our domain. I successfully transformed it into a java keystore and replaced the two jks files.

When I open the API manager, I get no ssl warnings and the browser marks my connection as secure.

When I try to login I get an error :

In the log files I get :

TID: [-1234] [] [2017-03-24 11:37:55,305]  INFO     
     {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost   
     to    url[https://localhost:9443/services/AuthenticationAdmin]  
     {org.apache.axis2.transport.http.HTTPSender}
javax.net.ssl.SSLException: hostname in certificate didn't match: 
     <localhost> != </*.mydomain.io/mydomain.io/*.mydomain.io>
     at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341)
     at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277)

It looks like the Server is trying to do SSL connections to localhost. So how can I add a matching certificate to the keystore allowing localhost access?

Many thanks!

标签： java ssl wso2 wso2-am wso2carbon

2条回答

对你真心纯属浪费

2楼-- · 2019-03-02 21:02

Inside the axis2\axis2.xml file on the conf folder you have to change the https transportSenderto have the following line:

<parameter name="HostnameVerifier">AllowAll</parameter>

Here you can read a little more about that

0人赞添加讨论(0) 举报

\"骚年 ilove

3楼-- · 2019-03-02 21:05

In the api-manager.xml file , change all references of localhost to match your domain name , restart , and it should be good.

Setting

<parameter name="HostnameVerifier">AllowAll</parameter>

is a security risk , Hostname Verification is there for a reason.

0人赞添加讨论(0) 举报

SSL-Connection causes javax.net.ssl.SSLException:

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间