Hi Chalitha,
Out of curiosity; what were the values given earlier by you for them
instead of the below lines,
ssl_certificate /etc/nginx/ssl/keymgt.crt;
ssl_certificate_key /etc/nginx/ssl/keymgt.key;
Were they the default ones as mentioned in the docs [1] as below?
ssl_certificate /etc/nginx/ssl/mgt.crt;
ssl_certificate_key /etc/nginx/ssl/mgt.key;
AFAIK we should configure *ssl_certificate* and *ssl_certificate_key*
derivatives if we are configuring for https requests (port 443). It is
mentioned int the docs [1] .
[1] - https://docs.wso2.com/display/AM210/Distributed+Deployment+
of+the+Gateway
Regards,
Samitha
On Mon, Nov 27, 2017 at 11:03 PM, Chalitha Waldeniyage <[email protected]>
wrote:
> Hi All,
>
> Thank you Yasassri and all for the tips to figure out the issue.
>
> However we have debugged this issue a little further. The reason for this
> issue is, although we have imported the correct certificates to
> client-trustore when SSL handshake takes place, server was sending a wrong
> certificate to the client.
> Nginx server has mulitiple SSL certificates configured for the same port
> (443) which was using for other servers. Therefore nginx sending a wrong
> certificate.
> AFAIK this can happen if the client doesn't send SNI information to the
> server, So either the client is communicating with SSL 1.0 (which doesn't
> support SNI) or the client is sending wrong SNI information to the server.
> (I actually couldn't verify this)
>
> As a Temporary solution, I have forced Nginx to send key manager
> certificates if SNI information is not present. The Nginx configs are as
> follows.
>
> server {
> listen 443 default;
> server_name is.dev.wso2.org;
> ssl on;
> ssl_certificate /etc/nginx/ssl/keymgt.crt;
> ssl_certificate_key /etc/nginx/ssl/keymgt.key;
> location / {
> proxy_set_header X-Forwarded-Host $host;
> proxy_set_header X-Forwarded-Server $host;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header Host $http_host;
> proxy_read_timeout 5m;
> proxy_send_timeout 5m;
> proxy_redirect https://ssl.wso2.is.com
> https://is.dev.wso2.org;
> proxy_pass https://ssl.wso2.is.com;
>
> proxy_http_version 1.1;
> proxy_set_header Upgrade $http_upgrade;
> proxy_set_header Connection "upgrade";
> }
>
> This seems like an issue, Is there any config in APIM, I can change to get
> this property?
>
> Thank you,
> Chalitha.
>
>
> On Mon, Nov 27, 2017 at 4:51 PM, Chalitha Waldeniyage <[email protected]>
> wrote:
>
>> Hi Chamin,
>>
>> Those configuration are verified as per [1]. However these are not
>> manually configured.Used existing puppet configuration.
>>
>> [1] https://docs.wso2.com/display/AM210/Distributed+Deployment+o
>> f+API+Manager
>>
>>
>> Thank you,
>> Chalitha.
>>
>> On Mon, Nov 27, 2017 at 2:53 PM, Chamin Dias <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> Based on this answer
>>> <https://stackoverflow.com/questions/39649801/wso2-am-2-0-0-error-occurred-while-executing-the-action-generateapplicationkey>,
>>> this error might happen due to datasource configuration in IS. Shall we
>>> recheck those?
>>>
>>> Thanks.
>>>
>>> On Mon, Nov 27, 2017 at 12:23 PM, Chalitha Waldeniyage <
>>> [email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Mon, Nov 27, 2017 at 12:20 PM, Chalitha Waldeniyage <
>>>> [email protected]> wrote:
>>>>
>>>>> Adding Asela
>>>>>
>>>>> On Mon, Nov 27, 2017 at 11:26 AM, Chalitha Waldeniyage <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Harsha/Samitha,
>>>>>>
>>>>>> Yes i have created a self sign certificate as per [1] and imported
>>>>>> all the nginx public keys there. I have verified that with above command
>>>>>> as
>>>>>> well.
>>>>>> Here with I'm attaching the client trust.jks file which i'm using in
>>>>>> the servers.
>>>>>> Further key manager is fronted via nginx.
>>>>>>
>>>>>> On Sun, Nov 26, 2017 at 10:09 PM, Samitha Chathuranga <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi Chalitha,
>>>>>>>
>>>>>>> Are you pointing KM (from other nodes) through load balancer? I
>>>>>>> don't think you have done so. And if you have changed the hostnames of
>>>>>>> the
>>>>>>> servers, the default keystore/client-trustore won't work. Refer [1]
>>>>>>>
>>>>>>> To check which certificates are in a Java keystore, enter the below
>>>>>>> command.
>>>>>>>
>>>>>>> keytool -list -v -keystore client-truststore.jks
>>>>>>>
>>>>>>>
>>>>>>> [1] - https://github.com/wso2/puppet-apim/tree/master/wso2am_runti
>>>>>>> me#keystore-and-client-truststore-related-configs
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>> Samitha
>>>>>>>
>>>>>>> On Sun, Nov 26, 2017 at 7:17 PM, Harsha Kumara <[email protected]>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi Chalitha,
>>>>>>>>
>>>>>>>> It seems KM certificate isn't imported to the trustee. Can you
>>>>>>>> verify it? If so we will need to fix it.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Harsha
>>>>>>>>
>>>>>>>> On Sun, Nov 26, 2017 at 1:46 PM, Chalitha Waldeniyage <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi All,
>>>>>>>>>
>>>>>>>>> I'm setting up an APIM cluster puppet patten 6 using APIM 2.1.0
>>>>>>>>> puppet scripts[1].
>>>>>>>>> When I try to generate keys for an application, pub/store nodes
>>>>>>>>> are throwing the below error. (IS 5.3.0 used as the Keymanager)
>>>>>>>>> Additionally in gateway Manager and worker also throwing the
>>>>>>>>> similar errors in the startup. I have imported the nginx public cert
>>>>>>>>> to the
>>>>>>>>> each node client-truststore.jks file as per instruction in
>>>>>>>>> [2] .
>>>>>>>>> Could you please looking to this?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *pub/store Node error:*
>>>>>>>>> TID: [-1234] [] [2017-11-26 06:40:15,956] ERROR
>>>>>>>>> {org.wso2.carbon.apimgt.impl.APIConsumerImpl} - Could not execute
>>>>>>>>> Workflow {org.wso2.carbon.apimgt.impl.APIConsumerImpl}
>>>>>>>>>
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.WorkflowException: Error
>>>>>>>>> occurred when updating the status of the Application creation process
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.complete(ApplicationRegistrationSimpleWorkflowExecutor.java:82)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.execute(ApplicationRegistrationSimpleWorkflowExecutor.java:54)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.APIConsumerImpl.requestApprovalForApplicationRegistration(APIConsumerImpl.java:2789)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.UserAwareAPIConsumer.requestApprovalForApplicationRegistration(UserAwareAPIConsumer.java:36)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunction_getApplicationKey(APIStoreHostObject.java:385)
>>>>>>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>>>>>> at
>>>>>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>>>>>>>> at
>>>>>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>>>>>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>>>>>>>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c3._c_anonymous_2(/store/modules/subscription/key.jag:39)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c3.call(/store/modules/subscription/key.jag)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRuntime.java:2430)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction.java:269)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.IdFunctionObject.call(IdFunctionObject.java:97)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c0._c_anonymous_10(/store/modules/subscription/module.jag:35)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.modules.subscription.c0.call(/store/modules/subscription/module.jag)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_anonymous_1(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:240)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_script_0(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:3)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
>>>>>>>>> at
>>>>>>>>> org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.exec(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:588)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:508)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29)
>>>>>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
>>>>>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
>>>>>>>>> at
>>>>>>>>> org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:958)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>>>>>>>>> at
>>>>>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
>>>>>>>>> at
>>>>>>>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
>>>>>>>>> at
>>>>>>>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
>>>>>>>>> at
>>>>>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1756)
>>>>>>>>> at
>>>>>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1715)
>>>>>>>>> at
>>>>>>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>>>>>>>> at
>>>>>>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>>>>>>>> at
>>>>>>>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>>>>>>>> at java.lang.Thread.run(Thread.java:745)
>>>>>>>>> Caused by: org.wso2.carbon.apimgt.api.APIManagementException: Error
>>>>>>>>> occurred while executing SubscriberKeyMgtClient.
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.utils.APIUtil.handleException(APIUtil.java:1269)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.dogenerateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:155)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.generateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:118)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationSimpleWorkflowExecutor.complete(ApplicationRegistrationSimpleWorkflowExecutor.java:78)
>>>>>>>>> ... 75 more
>>>>>>>>> Caused by: org.wso2.carbon.apimgt.api.APIManagementException: Error
>>>>>>>>> while creating tokens - sun.security.validator.ValidatorException:
>>>>>>>>> PKIX path building failed:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.handleException(AMDefaultKeyManagerImpl.java:639)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.getNewApplicationAccessToken(AMDefaultKeyManagerImpl.java:389)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.workflow.AbstractApplicationRegistrationWorkflowExecutor.dogenerateKeysForApplication(AbstractApplicationRegistrationWorkflowExecutor.java:151)
>>>>>>>>> ... 77 more
>>>>>>>>> Caused by: javax.net.ssl.SSLHandshakeException:
>>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target
>>>>>>>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>>>>>>>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
>>>>>>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
>>>>>>>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
>>>>>>>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
>>>>>>>>> at
>>>>>>>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
>>>>>>>>> at
>>>>>>>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
>>>>>>>>> at
>>>>>>>>> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
>>>>>>>>> at
>>>>>>>>> org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.getNewApplicationAccessToken(AMDefaultKeyManagerImpl.java:363)
>>>>>>>>> ... 78 more
>>>>>>>>> Caused by: sun.security.validator.ValidatorException: PKIX path
>>>>>>>>> building failed:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target
>>>>>>>>> at
>>>>>>>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
>>>>>>>>> at
>>>>>>>>> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
>>>>>>>>> at sun.security.validator.Validator.validate(Validator.java:260)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
>>>>>>>>> at
>>>>>>>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
>>>>>>>>> ... 97 more
>>>>>>>>> Caused by:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target
>>>>>>>>> at
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
>>>>>>>>> at
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
>>>>>>>>> at
>>>>>>>>> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
>>>>>>>>> at
>>>>>>>>> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
>>>>>>>>> ... 103 more
>>>>>>>>>
>>>>>>>>> ... 103 more
>>>>>>>>> TID: [-1234] [] [2017-11-26 06:40:15,992] ERROR
>>>>>>>>> {JAGGERY.site.blocks.subscription.subscription-add.ajax.subscription-add:jag}
>>>>>>>>> - org.jaggeryjs.scriptengine.exceptions.ScriptException: Error
>>>>>>>>> while obtaining the application access token for the
>>>>>>>>> application:Helloapp45
>>>>>>>>> {JAGGERY.site.blocks.subscription.subscription-add.ajax.subscription-add:jag}
>>>>>>>>>
>>>>>>>>> *GatewayManager/Worker error*
>>>>>>>>>
>>>>>>>>> TID: [-1] [] [2017-11-26 06:40:24,183] WARN
>>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>>> - Failed retrieving Blocking Conditions from remote endpoint:
>>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target. Retrying after 15
>>>>>>>>> seconds...
>>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>>> TID: [-1] [] [2017-11-26 06:40:39,187] WARN
>>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>>> - Failed retrieving Blocking Conditions from remote endpoint:
>>>>>>>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>>>>>>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
>>>>>>>>> find valid certification path to requested target. Retrying after 15
>>>>>>>>> seconds...
>>>>>>>>> {org.wso2.carbon.apimgt.gateway.throttling.util.BlockingConditionRetriever}
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> [1] https://github.com/wso2/puppet-apim
>>>>>>>>>
>>>>>>>>> [2] https://docs.wso2.com/display/AM210/Distributed+Deployment+o
>>>>>>>>> f+the+Gateway
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thank you,
>>>>>>>>> Chalitha.
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> *Chalitha Maheshwari*
>>>>>>>>> Software Engineer-QA,
>>>>>>>>> WSO2 Inc.
>>>>>>>>>
>>>>>>>>> *E-mail:* [email protected]
>>>>>>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Dev mailing list
>>>>>>>>> [email protected]
>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Harsha Kumara
>>>>>>>> Software Engineer, WSO2 Inc.
>>>>>>>> Mobile: +94775505618 <+94%2077%20550%205618>
>>>>>>>> Blog:harshcreationz.blogspot.com
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Samitha Chathuranga
>>>>>>> Software Engineer, WSO2 Inc.
>>>>>>> lean.enterprise.middleware
>>>>>>> Mobile: +94715123761
>>>>>>>
>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> *Chalitha Maheshwari*
>>>>>> Software Engineer-QA,
>>>>>> WSO2 Inc.
>>>>>>
>>>>>> *E-mail:* [email protected]
>>>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Chalitha Maheshwari*
>>>>> Software Engineer-QA,
>>>>> WSO2 Inc.
>>>>>
>>>>> *E-mail:* [email protected]
>>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> *Chalitha Maheshwari*
>>>> Software Engineer-QA,
>>>> WSO2 Inc.
>>>>
>>>> *E-mail:* [email protected]
>>>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>>>
>>>
>>>
>>>
>>> --
>>> Chamin Dias
>>> Mobile : 0716097455
>>> Email : [email protected]
>>> LinkedIn : https://www.linkedin.com/in/chamindias
>>>
>>>
>>
>>
>> --
>> *Chalitha Maheshwari*
>> Software Engineer-QA,
>> WSO2 Inc.
>>
>> *E-mail:* [email protected]
>> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>>
>
>
>
> --
> *Chalitha Maheshwari*
> Software Engineer-QA,
> WSO2 Inc.
>
> *E-mail:* [email protected]
> *Mobile: *+94710 411 112 <+94%2071%20041%201112>
>
--
Samitha Chathuranga
Software Engineer, WSO2 Inc.
lean.enterprise.middleware
Mobile: +94715123761
[image: http://wso2.com/signature] <http://wso2.com/signature>
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
