Hi Aprana, I am getting the same issue while accessing APIM distributed cluster nodes fronted through loadbalancer(nginx) instance. Did you able to solve this issue ? If so how did you solve it ?
Regards, Malintha On Wed, Oct 28, 2015 at 2:09 PM, Isuru Udana <[email protected]> wrote: > Hi Aparna, > > Bundles are coming from features, whatever version defined in the product > pom have no relationship for that. > > Thanks. > > On Wed, Oct 28, 2015 at 11:20 AM, Aparna Karunarathna <[email protected]> > wrote: > >> Hi Isuru, >> >> I checked version from the ESB master branch pom[1]. >> >> <httpclient.version>4.1.2</httpclient.version> >> >> [1] https://github.com/wso2/product-esb/blob/master/pom.xml >> >> Regards, >> Aparna. >> >> On Tue, Oct 27, 2015 at 5:41 AM, Isuru Udana <[email protected]> wrote: >> >>> Hi Aparna, >>> >>> We are using 4.3.1. >>> >>> >>> Thanks. >>> >>> On Mon, Oct 26, 2015 at 10:36 AM, Aparna Karunarathna <[email protected]> >>> wrote: >>> >>>> Hi Kasun/Isuru, >>>> >>>> Currently ESB uses Apache httpclient 4.1.2, shouldn't it upgrade to >>>> newer version? >>>> >>>> @Deep, Thanks for the clarification. >>>> >>>> Regards, >>>> Aparna >>>> >>>> On Sat, Oct 24, 2015 at 11:38 AM, Deependra Ariyadewa <[email protected]> >>>> wrote: >>>> >>>>> Hi Aparna, >>>>> >>>>> This can happen when the client does not send the SNI[1][2] to the >>>>> server side to select the proper HTTPS virtual host. In this case NGINX >>>>> reverse proxy created in the vhost. Most of the modern browsers send SNI >>>>> to >>>>> server, therefore you will not observe this when you make the request via >>>>> a >>>>> modern browser. >>>>> >>>>> Most of the new Java HTTP client libraries also support SNI. As an >>>>> example, Apache httpclient library support SNI from version 4.3.2 [3]. If >>>>> you use a library which does not support SNI, you will get this error for >>>>> HTTPS call going towards services hosted in virtual host environments. >>>>> >>>>> [1] https://en.wikipedia.org/wiki/Server_Name_Indication >>>>> [2] https://www.ietf.org/rfc/rfc3546.txt >>>>> [3] https://hc.apache.org/news.html >>>>> >>>>> On Fri, Oct 23, 2015 at 11:07 AM, Aparna Karunarathna <[email protected] >>>>> > wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> I have encountered a weird "hostname in certificate didn't match:" >>>>>> issue when accessing IS dashboard. My setup details are as follows. >>>>>> >>>>>> *Setup Details* >>>>>> *IS cluster* >>>>>> - 3 nodes cluster >>>>>> - Hostname - mgt.is.wso2.com >>>>>> - Certificate CN - mgt.is.wso2.com >>>>>> >>>>>> *BPS cluster* >>>>>> - 2 nodes cluster (manager/worker) >>>>>> - Hostnames - Manager - mgt.bps.wso2.com / Worker - wrk.bps.wso2.com >>>>>> - Certificate CN - *.bps.wso2.com >>>>>> >>>>>> * Both nodes are fronted by same Nginx plus load balancer. >>>>>> >>>>>> [1] >>>>>> javax.net.ssl.SSLException: hostname in certificate didn't match: < >>>>>> mgt.is.wso2.com> != <*.bps.wso2.com> >>>>>> at >>>>>> org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:238) >>>>>> at >>>>>> org.apache.http.conn.ssl.BrowserCompatHostnameVerifier.verify(BrowserCompatHostnameVerifier.java:54) >>>>>> .... >>>>>> .... >>>>>> >>>>>> When we check the browser cookie, it gave correct certificate. ( >>>>>> mgt.is.wso2.com), but when we check it from java client[2] it gives >>>>>> the bps certificate (*.bps.wso2.com) instead of IS. >>>>>> >>>>>> [2] >>>>>> https://darray.wordpress.com/2015/07/12/freak-vulnerability-and-disabling-weak-export-cipher-suites-in-wso2-carbon-4-2-0-based-products/ >>>>>> >>>>>> What is the reason for this? Is it my config issue or Nginx issue or >>>>>> our product issue? >>>>>> >>>>>> -- >>>>>> *Regards,* >>>>>> >>>>>> *Aparna Karunarathna.* >>>>>> >>>>>> >>>>>> *Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533 >>>>>> <0714002533>* >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Deependra Ariyadewa >>>>> WSO2, Inc. http://wso2.com/ http://wso2.org >>>>> >>>>> email [email protected]; cell +94 71 403 5996 ; >>>>> Blog http://risenfall.wordpress.com/ >>>>> PGP info: KeyID: 'DC627E6F' >>>>> >>>>> *WSO2 - Lean . Enterprise . Middleware* >>>>> >>>> >>>> >>>> >>>> -- >>>> *Regards,* >>>> >>>> *Aparna Karunarathna.* >>>> >>>> >>>> *Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533 <0714002533>* >>>> >>> >>> >>> >>> -- >>> *Isuru Udana* >>> Associate Technical Lead >>> WSO2 Inc.; http://wso2.com >>> email: [email protected] cell: +94 77 3791887 >>> blog: http://mytecheye.blogspot.com/ >>> >> >> >> >> -- >> *Regards,* >> >> *Aparna Karunarathna.* >> >> >> *Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533 <0714002533>* >> > > > > -- > *Isuru Udana* > Associate Technical Lead > WSO2 Inc.; http://wso2.com > email: [email protected] cell: +94 77 3791887 > blog: http://mytecheye.blogspot.com/ > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Malintha Adikari* Software Engineer WSO2 Inc.; http://wso2.com lean.enterprise.middleware Mobile: +94 71 2312958 Blog: http://malinthas.blogspot.com Page: http://about.me/malintha
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
