Hello, I did not generate new keys since I have all the necessary certificates and key for *.owndomain.com and owndomain.com. I used the same certificates for our publicly accessible website. I followed the directions from [1] link below to create a new keystore and import to client store. I have also modified all affected files, replacing the wso2carbon.jks file entries, new password, new alias, new key password etc. No End User dashboard still. I keep on getting this message in my chrome browser:
[1] https://docs.wso2.com/display/ADMIN446/Creating+New+Keystores I'm using a no GUI linux box to test the wso2 service that's why I don't use "localhost". + Start from this link: https://sub.owndomain.com:9443/dashboard + I get redirected to: https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true + With a page that shows: You are now being redirected to Identity Server. If the redirection fails, please click on the button below. + With a "Redirect manually" button + Then after a few minutes.. https://sub.owndomain.com:9443/authenticationendpoint/login.do?SSOAuthSessionID=1CFADEB31AC41CC6DF875E2477D387D2FC3CAF3CFF13B80E6BB4E747743D549BD4A2076A1DB248B925785BE187247CB616305D962EAE88275514941D5167CF195DCA7E02E1A0BC0F74BDCAC0E3778135FF5CAC684B474F4C366598995DC769681E2E7ADB9D6261888C107E51CDD076C58F78786004977A0BC033B5F50D6BA207&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=b6a8a00f-fe21-4e54-b69c-49ccb3014549&relyingParty=wso2.my.dashboard&type=samlsso&sp=wso2_sp_dashboard&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL + With a page that shows: Authentication Error ! Something went wrong during the authentication process. Please try signing in again. from logs: 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /dashboard/ HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /dashboard/login.jag HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /dashboard/samlsso.jag?login=true HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /favicon.ico HTTP/1.1" 405 832 "https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true"; "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "POST /samlsso HTTP/1.1" 302 - " https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true"; "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:09:10 -0800] "GET /authenticationendpoint/login.do?SSOAuthSessionID=17B09FD1FE6F3B61B34F88DA13AAF56238F4A32343D04F7933F43D5C30B55CBC29DFE5F5549DCA8296B237E06BD288ABAEE827D7884844A68F5B495CD12C0B225995658EE5253FDBFD640A120EF5FBB7BBA3125F005232F99FCF5A1376F2E30C433EACD840FEB8254216393B24A6B20B0ED0A6405075215CAC7BFC24ED137543&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=87078deb-0812-4118-a227-ba3bd26dbf1b&relyingParty=wso2.my.dashboard&type=samlsso&sp=wso2_sp_dashboard&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL HTTP/1.1" 500 616 " https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true"; "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" 10.16.20.1 - - [12/Feb/2017:12:09:11 -0800] "GET /favicon.ico HTTP/1.1" 405 832 " https://sub.owndomain.com:9443/authenticationendpoint/login.do?SSOAuthSessionID=17B09FD1FE6F3B61B34F88DA13AAF56238F4A32343D04F7933F43D5C30B55CBC29DFE5F5549DCA8296B237E06BD288ABAEE827D7884844A68F5B495CD12C0B225995658EE5253FDBFD640A120EF5FBB7BBA3125F005232F99FCF5A1376F2E30C433EACD840FEB8254216393B24A6B20B0ED0A6405075215CAC7BFC24ED137543&commonAuthCallerPath=%2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=87078deb-0812-4118-a227-ba3bd26dbf1b&relyingParty=wso2.my.dashboard&type=samlsso&sp=wso2_sp_dashboard&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL"; "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" Thanks in advance.. -- regards gezeala bacuño II On Fri, Feb 10, 2017 at 11:30 PM, Farasath Ahamed <[email protected]> wrote: > I tested the dashboard in a fresh pack and it is working fine. I see you > are accessing it using a hostname. > > So you might encounter an error like below, > *javax.net.ssl.SSLException: hostname in certificate didn’t match: > <localhost> != sub.domain.com <http://sub.domain.com>* > > This happens because by default the WSO2 Identity Server ships with a > certificate for localhost. If you are accessing via a hostname you need to > create a self-signed certificate for that key and import it to > client-truststore.jks > > Here are the steps, > > 1. Navigate to <IS_HOME>/repository/resources/security in your terminal > 2. Assuming that you have keytool installed, run the below command to > generate a self-signed certificate for your domain name > > keytool -genkey -keyalg RSA -alias selfsigned -keystore > wso2carbon.jks -storepass wso2carbon -keysize 2048 > (When it prompts for first name and last name give your domain > name) > > 3. Export the certificate, > keytool -export -alias selfsigned -file selfsigned.crt -keystore > wso2carbon.jks -storepass wso2carbon > > 4. Import it to the client-truststore.jks > keytool -import -alias test -file selfsigned.crt -keystore > client-truststore.jks -storepass wso2carbon > > > Can you try restarting the server after these steps and accessing the > dashboard? > > > Thanks, > Farasath Ahamed > Software Engineer, WSO2 Inc.; http://wso2.com > Mobile: +94777603866 > Blog: blog.farazath.com > Twitter: @farazath619 <https://twitter.com/farazath619> > <http://wso2.com/signature> > > > > On Fri, Feb 10, 2017 at 5:22 PM, mgbii bax <[email protected]> wrote: > >> Hello, >> >> I'm currently evaluating wso2 Identity Server and I'm using the latest >> version 5.3.0. By default, with or without using a load balancer I can't >> access the End User Dashboard as stated in docs: >> https://docs.wso2.com/display/IS530/Using+the+End+User+Dashboard. >> >> https://sub.domain.com:9443/dashboard >> https://sub.domain.com:9443/dashboard/acs >> https://lanhostname:9443/dashboard/ >> https://lanhostname:9443/dashboard/acs >> >> I have tested several times, also did a fresh test and it seems that the >> End User Dashboard is not working for Identity Server 5.3.0. >> >> What are the configs that I need to modify to make it work? >> >> >> -- >> >> regards >> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
