Cipher Tool is not encrypting password - wso2

I am using WSO2 Integration Studio 8.1.0 on Windows 10 and I have Ant installed (Apache Ant 1.10.12) and added the ANT bin directory (ANT_HOME) to the path system variable.
In my deployment.toml file which is located in Integration_Studio_Home\runtime\microesb\conf.
I added the following under the secrets header
[secrets]
admin_password = "adminUserPassword"
Then opened cmd and navigated to Integration_Studio_Home\runtime\microesb\bin.
Then executed ciphertool.bat -Dconfigure
Result :
.\wso2\lib\Saxon-HE-9.5.1-8.jar
Using CARBON_HOME: C:\WSO2\INTEGR~1\runtime\microesb\bin\..
Using JAVA_HOME: C:\Program Files\Java\jdk-11.0.12
Encrypting using Internal KeyStore.
{type: JKS, alias: wso2carbon, path: repository/resources/security/wso2carbon.jks}
[Please Enter Internal KeyStore Password of Carbon Server : ]
Internal KeyStore of Carbon Server is initialized Successfully
Secret Configurations are written to the property file successfully
But when I open deployment.toml I find that the password under the secrets section is not encrypted!

You need to define the secret value between square brackets []. In your case, it should be as follows,
[secrets]
admin_password = "[adminUserPassword]"
Furthermore, if you are using the embedded MI runtime, you can use the Integration Studio itself to encrypt the secrets. Have a look at Encrypt static (embedded) server secrets
For more info check,
Defining secrets - https://apim.docs.wso2.com/en/latest/install-and-setup/setup/mi-setup/security/encrypting_plain_text/#static-secrets

Related

wso2 Enabling Notifications for User Operations-template path error

i'm trying to enable notifactions for user operations on wso2-is 5.11 started via docker desktop on a windows11 machine.
somone can explain me what is wrong in that?
P.S. sorry for my english
The problem is in runtime'cause the logs of docker displays the following error:
ERROR {org.wso2.carbon.identity.notification.mgt.NotificationMgtConfigBuilder} - Error while reading email template from location C:\Users\rocco\Documents\WSO2\docker-wso2\conf\is-as-km\repository\template.xml java.io.FileNotFoundException: C:\Users\rocco\Documents\WSO2\docker-wso2\conf\is-as-km\repository\template.xml (No such file or directory)
msg-mgt.properties file:
module.name.1=email
email.subscription.1=userOperation
email.subscription.userOperation.template=
C:\Users\rocco\Documents\WSO2\docker-wso2\conf\is-as-
km\repository\template.xml
#email.subscription.userOperation.salutation=Admin
email.subscription.userOperation.subject=User operation
change information
email.subscription.userOperation.endpoint.1=wso2iamtest
email.subscription.userOperation.endpoint.privateMail.address
=wso2iamtest#outlook.it
#email.subscription.userOperation.endpoint.privateMail
.salutation=Admin private mail
#email.subscription.userOperation.endpoint.privateMail
.subject=
User operation change information to private mail
#
As per the error log, you have configured the wrong path for the email template location.
Even though you use a Windows machine, wso2is is running as a docker instance.
WSO2 IS docker images are based on ubutu/ alpine/ centos OS base images (see the available variants here https://hub.docker.com/r/wso2/wso2is).
So, you also should have used one of them.
When configuring the path for email.subscription.userOperation.template=, we have to give the absolute path inside the WSO2 IS server where the particular template file is located.
In order to find the exact path correctly,
Log in to the docker container giving docker exec -it <container id> bash command
Once you logged in, you can see wso2is-5.11.0 folder natigate to the correct location where your template is placed, and give pwd command. You can get the path to the file. Then append the file name and put the value for email.subscription.userOperation.template= property.
As per the example, I created a file named template.txt.
Added the following content to it.
Hi {username}
This is a test mail to your private mail. The operation occurred was: {operation}.
Moved the created template into the docker container.
Here you can see the path I have added the template file.
According to my case, the msg-mgt.properties file should have the config as follows.
email.subscription.userOperation.template=/home/wso2carbon/wso2is-5.11.0/repository/template.txt

WSO2 Identity Server ciphertool.bat script throwing an InvalidPathException

I am trying to run the ciphertool.bat script to encrypt strings in my WSO2 server. I am running the script with the -Dconfigure flag and receiving a InvalidPathException
I have not edited the ciphertool.bat script, the cipher-text.properties or the ciper-tool.properties files.
I am running version 5.7.0 of WSO2 Identity Server on a Windows machine.
Command I am running and the console output
C:\Program Files\WSO2\Identity Server\5.7.0\bin>ciphertool.bat -Dconfigure
BUILD SUCCESSFUL
Total time: 7 seconds
Using CARBON_HOME: C:\Program Files\WSO2\Identity Server\5.7.0
Using JAVA_HOME: C:\Program Files\Java\jdk1.8.0_181
Exception in thread "main" java.nio.file.InvalidPathException: Illegal char
<:> at index 45: C:\Program Files\WSO2\Identity Server\5.7.0\C:\Program
Files\WSO2\Identity Server\5.7.0\/repository/resources/security/wso2carbon.jks
at sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)
at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:153)
at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:77)
at sun.nio.fs.WindowsPath.parse(WindowsPath.java:94)
at sun.nio.fs.WindowsFileSystem.getPath(WindowsFileSystem.java:255)
at java.nio.file.Paths.get(Paths.java:84)
at org.wso2.ciphertool.utils.Utils.getConfigFilePath(Utils.java:98)
at org.wso2.ciphertool.utils.Utils.setSystemProperties(Utils.java:289)
at org.wso2.ciphertool.CipherTool.initialize(CipherTool.java:93)
at org.wso2.ciphertool.CipherTool.main(CipherTool.java:52)
I expect that script would run without errors, especially if I haven't edited anything, but it's throwing this exception. Any thoughts?
This issue has been identified and a PR has been sent here. Unfortunately, it's not merged yet.
As a quick fix, you can follow the steps below.
clone the repo
checkout to the branch "v1.0.0-wso2v8"
locally make the suggested fix in the PR
build the JAR
overwrite the <IS_HOME>/lib/org.wso2.ciphertool-1.0.0-wso2v8.jar with new JAR
try the ciphertool command
You can give the location of the keystore file as below in <PRODUCT_HOME>/repository/conf/carbon.xml file
<Location>${carbon.home}\repository\resources\security\wso2carbon.jks</Location>
(Please note the backslashes)
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}\repository\resources\security\wso2carbon.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password svns:secretAlias="Carbon.Security.KeyStore.Password">password</Password>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword svns:secretAlias="Carbon.Security.KeyStore.KeyPassword">password</KeyPassword>
</KeyStore>

Error Wso2 "Problem accessing: /. Reason: Not Found" when I try to log in Api Manager after configure Api Analytics

I've installed Wso2 Api Manager a few days ago follow this intructions:
1. I've downloaded https://wso2.com/api-management/install.
2. I've installed using the wizard in C:\Program Files\WSO2\API Manager directory.
3. I've initialize Api Manger console, then created some apis from https://localhost:9443/publisher .
Now, I want to see some statistics (https://192.168.138.117:9443/publisher/site/pages/all-statistics.jag?page=api-usage-user&stat=all-stat). I've read that API Analytics has to be configured, so I carried out the following steps (https://docs.wso2.com/display/AM260/Configuring+APIM+Analytics#ConfiguringAPIMAnalytics-Step1-DownloadandinstallWSO2API-M).
I download it (https://wso2.com/api-management/install/analytics).
Unzip file in C:\WSO2\wso2am-analytics-2.6.0.
I've created and Environment Variables called JAVA_HOME. In value field, I typed the installation path of the Java Development Kit, C:\Program Files\Java\jdk1.8.0_191.
I edited the tag true in the file "C:\Program Files\WSO2\API Manager\2.6.0\repository\conf\api-manager.xml".
I exec this command in cmd windows: "C:\WSO2\wso2am-analytics-2.6.0>worker.bat -run". It excecuted some process and aparentely everything was ok.
Finally, I run another windows console and exec: "C:\Program Files\WSO2\API Manager\2.6.0\bin>wso2server.bat -run".
Now, when I try to log in https://localhost:9443/publisher, /store o /carbon, I'm getting this error:
Problem accessing: /. Reason: Not Found
If I only lunch the Api Manager, it works perfectly but I can't get the statistics.
Did you follow Quick setup?
To access Analytics you need to carry out Standard Setup which includes:
Creating Analytics DB with the "am_usage_uploaded_files" table in addition
Configuring /conf/dashboard/deployment.yaml --> APIM_ANALYTICS_DB
Configuring /conf/worker/deployment.yaml --> APIM_ANALYTICS_DB
Configure /conf/worker/deployment.yaml --> WSO2AM_MGW_ANALYTICS_DB
And then starting the worker which creates the rest tables for analytics.

Error when using AWS-SDK-GO (NoCredentialProviders: no valid providers in chain)

I've recently started using the aws-sdk-go package.
Walking through the instructions, my folder structure is as follows:
bin/ , pkg/ (as always)
src/
app/main.go (code taken from the docs)
github.com/aws
Now when I run go install, and then execute the app.exe (using windows here), I'm getting the following error:
panic: NoCredentialProviders: no valid providers in chain
Any ideas?
You need to provide an AWS access key and secret key to authenticate and use AWS services.
See the README here https://github.com/aws/aws-sdk-go#configuring-credentials
If anyone runs into the same issue I had with this:
I read a doc that said to put the file at %USERPROFILE%.awscredentials on a Windows, but they just forgot the slash. It should be %USERPROFILE%.aws/credentials.
Double check the format of your ~/.aws/credential file.
In my case, the credentials used the following format :
[profile]
AWS_ACCESS_KEY_ID=xxxx
AWS_SECRET_ACCESS_KEY=yyyy
changing it to the following fixed the issue :
[profile]
aws_access_key_id = xxxx
aws_secret_access_key = yyyy

WSO2 Identity Server SAML Error encrypting XMLObject at Example Travelocity

When setting in the sample app: Travelocity.properties
#Specify if SAM LAssertion element is encrypted
SAML.EnableAssertionEncryption=true
And also tick the Identity server configuration option:
Enable Assertion Encryption [ticked]
Certificate Alias: wso2carbon
I receive the following error at the server log:
Error at Log: 2015-05-05 15:56:10,282 Error encrypting XMLObject
Without the encryption feature enabled, the SAML authentication flow with the Travelocity sample code starts working.
Hints are welcome how to fix this issue.
Regards,
Claude
It seems like you are working on the installed java runtime for the first time. I am using ubuntu 14. The same problem came to me. For me it worked in the following way.
1. Download the respective files according to your runtime from here.
http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
2. Extract the folder you downloaded. There will be two .jar files.
3. For ubuntu you can run echo $JAVA_HOME to find the java home. Copy above jar files into {JAVA_HOME}/jre/lib/security. You may need sudo access depending on you JAVA_HOME location. If so run the following from the location you extracted the zip file.
cp local_policy.jar /{JAVA_HOME}/jre/lib/security
cp US_export_policy.jar /{JAVA_HOME}/jre/lib/security
There should be only one slash (/) at /{JAVA_HOME}.
4. Restart wso2 identity server again and retry the procedure to login to travelocity.com
Hope this will fix your issue.