英文:
validity check failed executing GET https://Identity Server IP:9444/oauth2/token/.well-known/openid-configuration
问题
我使用WSO2身份服务器作为WSO2 API管理器的密钥管理器,它运行在两台不同的机器上。在运行两个服务器之后,WSO2 API管理器出现了错误:
ERROR {org.wso2.carbon.apimgt.rest.api.util.exception.GlobalThrowableMapper} - 全局异常映射器捕获到了未知异常。feign.RetryableException: PKIX路径验证失败:java.security.cert.CertPathValidatorException:执行GET https://IdentityServerIP:9444/oauth2/token/.well-known/openid-configuration 时的有效性检查失败
at feign.FeignException.errorExecuting(FeignException.java:249)
我正在按照这个链接进行操作,并使用MSSQL Server作为共享数据库。
英文:
I use wso2 identity server as a KeyManager of wso2 API manager that run in two different machine. after running two server there is a error in wso2 API manager :
ERROR {org.wso2.carbon.apimgt.rest.api.util.exception.GlobalThrowableMapper} - An unknown exception has been captured by the global exception mapper. feign.RetryableException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed executing GET https://IdentityServerIP:9444/oauth2/token/.well-known/openid-configuration
at feign.FeignException.errorExecuting(FeignException.java:249)
I am following this link to do this and using MSSQL Server as shared database.
答案1
得分: 1
你需要将身份服务器的公共证书导入到API Manager的client-trustore中。
从IS中导出证书
keytool -export -alias wso2carbon -keystore wso2carbon.jks -file <public key name>.pem
然后在你的APIM服务器上,导入你提取的公共密钥到client-trustore中。
keytool -import -alias iskey -file <public key name>.pem -keystore client-truststore.jks -storepass wso2carbon
英文:
You need to import the Identity Servers public cert to API Manager client-trustore.
Export the cert from IS
keytool -export -alias wso2carbon -keystore wso2carbon.jks -file <public key name>.pem
Then in your APIM server, import the public key that you extracted to the client-trustore.
keytool -import -alias iskey -file <public key name>.pem -keystore client-truststore.jks -storepass wso2carbon
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论