Hi All,
Thank you Yasassri and all for the tips to figure out the issue.
However we have debugged this issue a little further. The reason for this
issue is, although we have imported the correct certificates to
client-trustore when SSL handshake takes place, server was sending a wrong
certificate to the client.
Nginx server has mulitiple SSL certificates configured for the same port
(443) which was using for other servers. Therefore nginx sending a wrong
certificate.
AFAIK this can happen if the client doesn't send SNI information to the
server, So either the client is communicating with SSL 1.0 (which doesn't
support SNI) or the client is sending wrong SNI information to the server.
(I actually couldn't verify this)
As a Temporary solution, I have forced Nginx to send key manager
certificates if SNI information is not present. The Nginx configs are as
follows.
server {
listen 443 default;
server_name is.dev.wso2.org;
ssl on;
ssl_certificate /etc/nginx/ssl/keymgt.crt;
ssl_certificate_key /etc/nginx/ssl/keymgt.key;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_redirect https://ssl.wso2.is.com
https://is.dev.wso2.org;
proxy_pass https://ssl.wso2.is.com;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
This seems like an issue, Is there any config in APIM, I can change to get
this property?
Thank you,
Chalitha.
On Mon, Nov 27, 2017 at 4:51 PM, Chalitha Waldeniyage <[email protected]>
wrote:
> Hi Chamin,
>
> Those configuration are verified as per [1]. However these are not
> manually configured.Used existing puppet configuration.
>
> [1] https://docs.wso2.com/display/AM210/Distributed+Deployment+
> of+API+Manager
>
>
> Thank you,
> Chalitha.
>
> On Mon, Nov 27, 2017 at 2:53 PM, Chamin Dias <[email protected]> wrote:
>
>> Hi,
>>
>> Based on this answer
>> <https://stackoverflow.com/questions/39649801/wso2-am-2-0-0-error-occurred-while-executing-the-action-generateapplicationkey>,
>> this error might happen due to datasource configuration in IS. Shall we
>> recheck those?
>>
>> Thanks.
>>
>> On Mon, Nov 27, 2017 at 12:23 PM, Chalitha Waldeniyage <[email protected]
>> > wrote:
>>
>>>
>>>
>>> On Mon, Nov 27, 2017 at 12:20 PM, Chalitha Waldeniyage <
>>> [email protected]> wrote:
>>>
>>>> Adding Asela
>>>>
>>>> On Mon, Nov 27, 2017 at 11:26 AM, Chalitha Waldeniyage <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Harsha/Samitha,
>>>>>
>>>>> Yes i have created a self sign certificate as per [1] and imported all
>>>>> the nginx public keys there. I have verified that with above command as
>>>>> well.
>>>>> Here with I'm attaching the client trust.jks file which i'm using in
>>>>> the servers.
>>>>> Further key manager is fronted via nginx.
>>>>>
>>>>> On Sun, Nov 26, 2017 at 10:09 PM, Samitha Chathuranga <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Chalitha,
>>>>>>
>>>>>> Are you pointing KM (from other nodes) through load balancer? I don't
>>>>>> think you have done so. And if you have changed the hostnames of the
>>>>>> servers, the default keystore/client-trustore won't work. Refer [1]
>>>>>>
>>>>>> To check which certificates are in a Java keystore, enter the below
>>>>>> command.
>>>>>>
>>>>>> keytool -list -v -keystore client-truststore.jks
>>>>>>
>>>>>>
>>>>>> [1] - https://github.com/wso2/puppet-apim/tree/master/wso2am_runti
>>>>>> me#keystore-and-client-truststore-related-configs
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>> Samitha
>>>>>>
>>>>>> On Sun, Nov 26, 2017 at 7:17 PM, Harsha Kumara <[email protected]>
>>>>>> wrote:
>>>>>>
>>>>>>> Hi Chalitha,
>>>>>>>
>>>>>>> It seems KM certificate isn't imported to the trustee. Can you
>>>>>>> verify it? If so we will need to fix it.
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Harsha
>>>>>>>
>>>>>>> On Sun, Nov 26, 2017 at 1:46 PM, Chalitha Waldeniyage <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi All,
>>>>>>>>
>>>>>>>> I'm setting up an APIM cluster puppet patten 6 using APIM 2.1.0
>>>>>>>> puppet scripts[1].
>>>>>>>> When I try to generate keys for an application, pub/store nodes
>>>>>>>> are throwing the below error. (IS 5.3.0 used as the Keymanager)
>>>>>>>> Additionally in gateway Manager and worker also throwing the
>>>>>>>> similar errors in the startup. I have imported the nginx public cert
>>>>>>>> to the
>>>>>>>> each node client-truststore.jks file as per instruction in
>>>>>>>> [2] .
>>>>>>>> Could you please looking to this?
>>>>>>>>
>>>>>>>>
>>>>>>>> *pub/store Node error:*
>>>>>>>> TID: [-1234] [] [2017-11-26 06:40:15,956] ERROR
>>>>>>>> {org.wso2.carbon.apimgt.impl.APIConsumerImpl} - Could not execute
>>>>>>>> Workflow {org.wso2.carbon.apimgt.impl.APIConsumerImpl}
>>>>>>>>
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.WorkflowException: Error occurred
>>>>>>>> when updating the status of the Application creation process
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.complete(ApplicationRegistrationSimpleWorkflowExecutor.java:82)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.execute(ApplicationRegistrationSimpleWorkflowExecutor.java:54)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.APIConsumerImpl.requestApprovalForApplicationRegistration(APIConsumerImpl.java:2789)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.UserAwareAPIConsumer.requestApprovalForApplicationRegistration(UserAwareAPIConsumer.java:36)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunction_getApplicationKey(APIStoreHostObject.java:385)
>>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>>>>> at
>>>>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>>>>>>> at
>>>>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>>>>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>>>>>>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c3._c_anonymous_2(/store/modules/subscription/key.jag:39)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c3.call(/store/modules/subscription/key.jag)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRuntime.java:2430)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction.java:269)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.IdFunctionObject.call(IdFunctionObject.java:97)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c0._c_anonymous_10(/store/modules/subscription/module.jag:35)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c0.call(/store/modules/subscription/module.jag)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_anonymous_1(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:240)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_script_0(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:3)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
>>>>>>>> at
>>>>>>>> org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.exec(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:588)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:508)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29)
>>>>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
>>>>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
>>>>>>>> at
>>>>>>>> org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>> at
>>>>>>>> org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>>>>>>>> at
>>>>>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
>>>>>>>> at
>>>>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
>>>>>>>> at
>>>>>>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:958)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
>>>>>>>> at
>>>>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>>>>>>>> at
>>>>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
>>>>>>>> at
>>>>>>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
>>>>>>>> at
>>>>>>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
>>>>>>>> at
>>>>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1756)
>>>>>>>> at
>>>>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1715)
>>>>>>>> at
>>>>>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>>>>>>> at
>>>>>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>>>>>>> at
>>>>>>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>>>>>>> at java.lang.Thread.run(Thread.java:745)
>>>>>>>> Caused by: org.wso2.carbon.apimgt.api.APIManagementException: Error
>>>>>>>> occurred while executing SubscriberKeyMgtClient.
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.utils.APIUtil.handleException(APIUtil.java:1269)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.dogenerateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:155)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.generateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:118)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.complete(ApplicationRegistrationSimpleWorkflowExecutor.java:78)
>>>>>>>> ... 75 more
>>>>>>>> Caused by: org.wso2.carbon.apimgt.api.APIManagementException: Error
>>>>>>>> while creating tokens - sun.security.validator.ValidatorException:
>>>>>>>> PKIX path building failed:
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>> find valid certification path to requested target
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.handleException(AMDefaultKeyManagerImpl.java:639)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.getNewApplicationAccessToken(AMDefaultKeyManagerImpl.java:389)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.dogenerateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:151)
>>>>>>>> ... 77 more
>>>>>>>> Caused by: javax.net.ssl.SSLHandshakeException:
>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>> find valid certification path to requested target
>>>>>>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>>>>>>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
>>>>>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
>>>>>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
>>>>>>>> at
>>>>>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
>>>>>>>> at
>>>>>>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
>>>>>>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
>>>>>>>> at
>>>>>>>> sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
>>>>>>>> at
>>>>>>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
>>>>>>>> at
>>>>>>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
>>>>>>>> at
>>>>>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
>>>>>>>> at
>>>>>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
>>>>>>>> at
>>>>>>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
>>>>>>>> at
>>>>>>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
>>>>>>>> at
>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
>>>>>>>> at
>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.getNewApplicationAccessToken(AMDefaultKeyManagerImpl.java:363)
>>>>>>>> ... 78 more
>>>>>>>> Caused by: sun.security.validator.ValidatorException: PKIX path
>>>>>>>> building failed:
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>> find valid certification path to requested target
>>>>>>>> at
>>>>>>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
>>>>>>>> at
>>>>>>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
>>>>>>>> at sun.security.validator.Validator.validate(Validator.java:260)
>>>>>>>> at
>>>>>>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
>>>>>>>> at
>>>>>>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
>>>>>>>> at
>>>>>>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
>>>>>>>> at
>>>>>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
>>>>>>>> ... 97 more
>>>>>>>> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
>>>>>>>> unable to find valid certification path to requested target
>>>>>>>> at
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
>>>>>>>> at
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
>>>>>>>> at
>>>>>>>> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
>>>>>>>> at
>>>>>>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
>>>>>>>> ... 103 more
>>>>>>>>
>>>>>>>> ... 103 more
>>>>>>>> TID: [-1234] [] [2017-11-26 06:40:15,992] ERROR
>>>>>>>> {JAGGERY.site.blocks.subscription.subscription-add.ajax.subscription-add:jag}
>>>>>>>> - org.jaggeryjs.scriptengine.exceptions.ScriptException: Error while
>>>>>>>> obtaining the application access token for the application:Helloapp45
>>>>>>>> {JAGGERY.site.blocks.subscription.subscription-add.ajax.subscription-add:jag}
>>>>>>>>
>>>>>>>> *GatewayManager/Worker error*
>>>>>>>>
>>>>>>>> TID: [-1] [] [2017-11-26 06:40:24,183] WARN
>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>> - Failed retrieving Blocking Conditions from remote endpoint:
>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>> find valid certification path to requested target. Retrying after 15
>>>>>>>> seconds...
>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>> TID: [-1] [] [2017-11-26 06:40:39,187] WARN
>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>> - Failed retrieving Blocking Conditions from remote endpoint:
>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>> find valid certification path to requested target. Retrying after 15
>>>>>>>> seconds...
>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>>
>>>>>>>>
>>>>>>>> [1] https://github.com/wso2/puppet-apim
>>>>>>>>
>>>>>>>> [2] https://docs.wso2.com/display/AM210/Distributed+Deployment+o
>>>>>>>> f+the+Gateway
>>>>>>>>
>>>>>>>>
>>>>>>>> Thank you,
>>>>>>>> Chalitha.
>>>>>>>>
>>>>>>>> --
>>>>>>>> *Chalitha Maheshwari*
>>>>>>>> Software Engineer-QA,
>>>>>>>> WSO2 Inc.
>>>>>>>>
>>>>>>>> *E-mail:* [email protected]
>>>>>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Dev mailing list
>>>>>>>> [email protected]
>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Harsha Kumara
>>>>>>> Software Engineer, WSO2 Inc.
>>>>>>> Mobile: +94775505618 <+94%2077%20550%205618>
>>>>>>> Blog:harshcreationz.blogspot.com
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Samitha Chathuranga
>>>>>> Software Engineer, WSO2 Inc.
>>>>>> lean.enterprise.middleware
>>>>>> Mobile: +94715123761
>>>>>>
>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Chalitha Maheshwari*
>>>>> Software Engineer-QA,
>>>>> WSO2 Inc.
>>>>>
>>>>> *E-mail:* [email protected]
>>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> *Chalitha Maheshwari*
>>>> Software Engineer-QA,
>>>> WSO2 Inc.
>>>>
>>>> *E-mail:* [email protected]
>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>
>>>
>>>
>>>
>>> --
>>> *Chalitha Maheshwari*
>>> Software Engineer-QA,
>>> WSO2 Inc.
>>>
>>> *E-mail:* [email protected]
>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>
>>
>>
>>
>> --
>> Chamin Dias
>> Mobile : 0716097455
>> Email : [email protected]
>> LinkedIn : https://www.linkedin.com/in/chamindias
>>
>>
>
>
> --
> *Chalitha Maheshwari*
> Software Engineer-QA,
> WSO2 Inc.
>
> *E-mail:* [email protected]
> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>
--
*Chalitha Maheshwari*
Software Engineer-QA,
WSO2 Inc.
*E-mail:* [email protected]
*Mobile: *+94710 411 112
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
