Hi, Can you try to access the dashboard once again and post the error logs printed in wso2carbon.log? You can find this in WSO2_HOME/repository/logs/ folder, where WSO2_HOME is the root of your WSO2 Identity Server.
Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Sun, Feb 12, 2017 at 12:30 PM, mgbii bax <[email protected]> wrote: > Hello, > > I did not generate new keys since I have all the necessary certificates > and key for *.owndomain.com and owndomain.com. I used the same > certificates for our publicly accessible website. I followed the directions > from [1] link below to create a new keystore and import to client store. I > have also modified all affected files, replacing the wso2carbon.jks file > entries, new password, new alias, new key password etc. No End User > dashboard still. I keep on getting this message in my chrome browser: > > [1] https://docs.wso2.com/display/ADMIN446/Creating+New+Keystores > > I'm using a no GUI linux box to test the wso2 service that's why I don't > use "localhost". > > + Start from this link: > https://sub.owndomain.com:9443/dashboard > > + I get redirected to: > https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true > > + With a page that shows: > You are now being redirected to Identity Server. If the redirection fails, > please click on the button below. > > + With a "Redirect manually" button > > + Then after a few minutes.. > https://sub.owndomain.com:9443/authenticationendpoint/ > login.do?SSOAuthSessionID=1CFADEB31AC41CC6DF875E2477D387 > D2FC3CAF3CFF13B80E6BB4E747743D549BD4A2076A1DB248B925785BE187 > 247CB616305D962EAE88275514941D5167CF195DCA7E02E1A0BC0F74BDCA > C0E3778135FF5CAC684B474F4C366598995DC769681E2E7ADB9D6261888C > 107E51CDD076C58F78786004977A0BC033B5F50D6BA207&commonAuthCallerPath=% > 2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super& > sessionDataKey=b6a8a00f-fe21-4e54-b69c-49ccb3014549&relyingParty=wso2.my. > dashboard&type=samlsso&sp=wso2_sp_dashboard&isSaaSApp=true&authenticators= > BasicAuthenticator:LOCAL > > + With a page that shows: > Authentication Error ! > Something went wrong during the authentication process. Please try signing > in again. > > from logs: > 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /dashboard/ HTTP/1.1" 302 > - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like > Gecko) Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /dashboard/login.jag > HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 > (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET > /dashboard/samlsso.jag?login=true HTTP/1.1" 200 1608 "-" "Mozilla/5.0 > (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) > Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "GET /favicon.ico HTTP/1.1" > 405 832 "https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true"; > "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) > Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:06:59 -0800] "POST /samlsso HTTP/1.1" 302 - > "https://sub.owndomain.com:9443/dashboard/samlsso.jag?login=true"; > "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) > Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:09:10 -0800] "GET > /authenticationendpoint/login.do?SSOAuthSessionID= > 17B09FD1FE6F3B61B34F88DA13AAF56238F4A32343D04F7933F43D5C30B5 > 5CBC29DFE5F5549DCA8296B237E06BD288ABAEE827D7884844A68F5B495C > D12C0B225995658EE5253FDBFD640A120EF5FBB7BBA3125F005232F99FCF > 5A1376F2E30C433EACD840FEB8254216393B24A6B20B0ED0A6405075215C > AC7BFC24ED137543&commonAuthCallerPath=%2Fsamlsso&forceAuth=false& > passiveAuth=false&tenantDomain=carbon.super&sessionDataKey=87078deb-0812- > 4118-a227-ba3bd26dbf1b&relyingParty=wso2.my.dashboard&type=samlsso&sp= > wso2_sp_dashboard&isSaaSApp=true&authenticators=BasicAuthenticator:LOCAL > HTTP/1.1" 500 616 "https://sub.owndomain.com:9443/dashboard/samlsso.jag? > login=true" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 > (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" > 10.16.20.1 - - [12/Feb/2017:12:09:11 -0800] "GET /favicon.ico HTTP/1.1" > 405 832 "https://sub.owndomain.com:9443/authenticationendpoint/ > login.do?SSOAuthSessionID=17B09FD1FE6F3B61B34F88DA13AAF5 > 6238F4A32343D04F7933F43D5C30B55CBC29DFE5F5549DCA8296B237E06B > D288ABAEE827D7884844A68F5B495CD12C0B225995658EE5253FDBFD640A > 120EF5FBB7BBA3125F005232F99FCF5A1376F2E30C433EACD840FEB82542 > 16393B24A6B20B0ED0A6405075215CAC7BFC24ED137543&commonAuthCallerPath=% > 2Fsamlsso&forceAuth=false&passiveAuth=false&tenantDomain=carbon.super& > sessionDataKey=87078deb-0812-4118-a227-ba3bd26dbf1b&relyingParty=wso2.my. > dashboard&type=samlsso&sp=wso2_sp_dashboard&isSaaSApp=true&authenticators= > BasicAuthenticator:LOCAL" "Mozilla/5.0 (Windows NT 6.1; WOW64) > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36" > > Thanks in advance.. > > > -- > > regards > > gezeala bacuño II > > On Fri, Feb 10, 2017 at 11:30 PM, Farasath Ahamed <[email protected]> > wrote: > >> I tested the dashboard in a fresh pack and it is working fine. I see you >> are accessing it using a hostname. >> >> So you might encounter an error like below, >> *javax.net.ssl.SSLException: hostname in certificate didn’t match: >> <localhost> != sub.domain.com <http://sub.domain.com>* >> >> This happens because by default the WSO2 Identity Server ships with a >> certificate for localhost. If you are accessing via a hostname you need to >> create a self-signed certificate for that key and import it to >> client-truststore.jks >> >> Here are the steps, >> >> 1. Navigate to <IS_HOME>/repository/resources/security in your >> terminal >> 2. Assuming that you have keytool installed, run the below command to >> generate a self-signed certificate for your domain name >> >> keytool -genkey -keyalg RSA -alias selfsigned -keystore >> wso2carbon.jks -storepass wso2carbon -keysize 2048 >> (When it prompts for first name and last name give your domain >> name) >> >> 3. Export the certificate, >> keytool -export -alias selfsigned -file selfsigned.crt >> -keystore wso2carbon.jks -storepass wso2carbon >> >> 4. Import it to the client-truststore.jks >> keytool -import -alias test -file selfsigned.crt -keystore >> client-truststore.jks -storepass wso2carbon >> >> >> Can you try restarting the server after these steps and accessing the >> dashboard? >> >> >> Thanks, >> Farasath Ahamed >> Software Engineer, WSO2 Inc.; http://wso2.com >> Mobile: +94777603866 >> Blog: blog.farazath.com >> Twitter: @farazath619 <https://twitter.com/farazath619> >> <http://wso2.com/signature> >> >> >> >> On Fri, Feb 10, 2017 at 5:22 PM, mgbii bax <[email protected]> wrote: >> >>> Hello, >>> >>> I'm currently evaluating wso2 Identity Server and I'm using the latest >>> version 5.3.0. By default, with or without using a load balancer I can't >>> access the End User Dashboard as stated in docs: >>> https://docs.wso2.com/display/IS530/Using+the+End+User+Dashboard. >>> >>> https://sub.domain.com:9443/dashboard >>> https://sub.domain.com:9443/dashboard/acs >>> https://lanhostname:9443/dashboard/ >>> https://lanhostname:9443/dashboard/acs >>> >>> I have tested several times, also did a fresh test and it seems that the >>> End User Dashboard is not working for Identity Server 5.3.0. >>> >>> What are the configs that I need to modify to make it work? >>> >>> >>> -- >>> >>> regards >>> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
