I have a docker environment running openldap, mysql, wso2is and wso2am. I'm trying to publish an API using API Manager Publisher and I'm facing the following error:
docker log:
[2021-03-18 21:40:32,764] INFO - CarbonAuthenticationUtil 'admin#wso2.com#carbon.super [-1234]' logged in at [2021-03-18 21:40:32,764+0000]
[2021-03-18 21:40:32,899] ERROR - APIGatewayManager Error occurred when publish to gateway Production and Sandbox
org.apache.axis2.AxisFault: Error while Deploying API
at org.wso2.carbon.apimgt.impl.utils.APIGatewayAdminClient.deployAPI_aroundBody14(APIGatewayAdminClient.java:215) ~[org.wso2.carbon.apimgt.impl_6.7.206.jar:?]
Caused by:
at java.lang.Thread.run(Thread.java:834) [?:?]
Caused by: org.apache.axis2.AxisFault: Error while obtaining API information from gateway. null
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531) ~[axis2_1.6.1.wso2v41.jar:?]
More info:
[2021-03-18 21:40:33,178] INFO - DataBridge user admin#wso2.com connected
[2021-03-18 21:40:33,187] ERROR - DataEndpointConnectionWorker Error while trying to connect to the endpoint. Cannot borrow client for ssl://172.29.0.5:9712.
org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Cannot borrow client for ssl://172.29.0.5:9712.
[2021-03-18 21:40:33,234] INFO - CarbonAuthenticationUtil 'admin#wso2.com#carbon.super [-1234]' logged in at [2021-03-18 21:40:33,233+0000]
[2021-03-18 21:40:33,264] ERROR - APIGatewayManager Error occurred when check api is published on gatewayProduction and Sandbox
Where is defined port 9712 for ssl? Because I don't have this port available on docker:
wso2am:3.2.0-alpine "/home/wso2carbon/wa…" 7 days ago Up 12 minutes (healthy) 0.0.0.0:8243->8243/tcp, 5672/tcp, 9099/tcp, 0.0.0.0:8280->8280/tcp, 9443/tcp, 9611/tcp, 9711/tcp, 9763/tcp, 9999/tcp, 11111/tcp, 0.0.0.0:9444->9444/tcp
I'm using WSO2 IS as key manager and the integration is working. Now my problem is only when I try to publish an API.
wso2is:5.10.0-alpine
wso2am:3.2.0-alpine
PS: I have disabled network from docker-compose to not have host problems.
Issue 01:
Caused by: org.apache.axis2.AxisFault: Error while obtaining API information from gateway. null
The above error can be seen most probably due to a connection issue between the Publisher and the Gateway server/s.
To resolve this, you may need to validate the Gateway configuration in the Publisher node. To do that, open the <PUBLISHER_HOME>/repository/conf/deployment.toml file and
check whether the following configuration is correct.
[[apim.gateway.environment]]
service_url = "https://<hostname_of_the_GW>:9443/services/"
Issue 02:
ERROR - DataEndpointConnectionWorker Error while trying to connect to the endpoint. Cannot borrow client for ssl://172.29.0.5:9712.
org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Cannot borrow client for ssl://172.29.0.5:9712.
The above error indicates that the 9712 port is not accessible. This 9712 is the default port which is started by BinaryDataReceiver for Binary SSL Transport and it will be used to authenticate data published to the Traffic Manager. Therefore, you need to make this port available.
Related
I configured APIM with build-in Identety Server inside kubernetes cluster. Everything was working fine but recently we got an error related to expired certificate:
2021-07-29 14:30:35,308 INFO [wso2/gateway/src/gateway/utils] - [APIGatewayListener] [-] HTTP listener is active on port 9090
[ballerina/http] started HTTPS/WSS listener 0.0.0.0:9095
2021-07-29 14:30:35,310 INFO [wso2/gateway/src/gateway/utils] - [APIGatewayListener] [-] HTTPS listener is active on port 9095
2021-07-29 14:31:31,816 INFO [wso2/gateway/src/gateway/utils] - [NotificationEventListener] [-] Recieved event with type : SUBSCRIPTIONS_CREATE
2021-07-29 14:31:59,940 ERROR [ballerina/jwt] - Public key certificate validity period has passed.
2021-07-29 14:31:59,943 ERROR [ballerina/jwt] - JWT validation failed. : error {ballerina/jwt}Error message=Public key certificate validity period has passed.
2021-07-29 14:31:59,945 ERROR [wso2/gateway/src/gateway/utils] - Failed to authenticate with jwt auth provider. : error {ballerina/auth}Error message=JWT validation failed. cause=error {ballerina/jwt}Error message=Public key certificate validity period has passed.
Configmap to deploy certificate
After that I got another error related signature validation failed:
2021-07-29 19:16:42,517 ERROR [ballerina/jwt] - JWT signature validation has failed.
2021-07-29 19:16:42,517 ERROR [ballerina/jwt] - JWT validation failed. : error {ballerina/jwt}Error message=JWT signature validation has failed.
2021-07-29 19:16:42,518 ERROR [wso2/gateway/src/gateway/utils] - Failed to authenticate with jwt auth provider. : error {ballerina/auth}Error message=JWT validation failed. cause=error {ballerina/jwt}Error message=JWT signature validation has failed.
I guess I need to add this new cert to some part to APIM or probably need to add it to keystore. Can you help here please?
I'm trying to create a new API from a rest service in WSO2 Publisher and I'm getting an error when I try to validate the endpoint:
When I go to log it shows the message:
[2021-03-30 22:09:54,744] ERROR - ApisApiServiceImpl Error occurred while sending the HEAD request to the given endpoint url:
java.net.ConnectException: Connection refused (Connection refused)
What am I doing wrong?
If I progress the creation when I try to test I get another error:
[2021-03-30 22:15:31,311] WARN - SourceHandler I/O error: Received fatal alert: certificate_unknown
[2021-03-30 22:15:31,351] WARN - ConnectCallback Connection refused or failed for : localhost/127.0.0.1:8888
[2021-03-30 22:15:31,353] WARN - EndpointContext Endpoint : CpoExecutorAPI--v1.0.0_APIproductionEndpoint with address http://localhost:8888/cpo-executor/dev will be marked SUSPENDED as it failed
Apart from the certificate issue, another possible cause for this error is network connectivity. Please make sure that there weren't any network issues while invoking the request and the network connectivity was stable. Also, please check whether you can directly connect to the provided endpoint URL and get the responses without any issues.
WARN - SourceHandler I/O error: Received fatal alert: certificate_unknown
With the above-mentioned warning, we can suspect there is an issue with certificates.
Therefore, if you have made any recent certificate changes in your environment can you check whether the required certs are available in the API Manager Keystore?
Using WSO2 API Manager (V1.10), I published a API and I imported the SSL certificate to client-truststore.jks. But When I call this API, I 'm receving this error:
2016-07-11 11:42:11,296 [-] [HTTPS-Sender I/O dispatcher-7] ERROR TargetHandler I/O error: Received fatal alert: handshake_failure
javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1650)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1618)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1787)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1071)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:893)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:767)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:228)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:263)
at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:391)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
at java.lang.Thread.run(Thread.java:745)
I suspect your API calling client program does not have the API server's certificate. (Usually you import your certificate into your JRE's jacerts or other trust store)
But When I call this API, I 'm receving this error:
When you call this API, did this API calling client program (Java, for example) also get this WSO2 server's certificate imported? This may solve your problem.
According to the error log this happens in http sender. i.e when api manger invokes the back-end . if your backend is "HTTPS" you need to import its public certificate to trustore of APIM
Had same issue in Java 1.7. Java 1.8 has resolved my problem
I locally installed WSO2 API manager and create API but API list is not coming at WSO2 dashboard . It displaying an error i.e
[2015-11-03 18:47:29,781] ERROR - AsyncDataPublisher Reconnection failed for for tcp://localhost:7614"
index:jag org.wso2.carbon.apimgt.api.APIManagementException: Error occurred while getting the APIs
Version of API manager is 1.9.1
I can't get any API statistics
This issue can be occurred when you have not configured information according to the Port Offset value. As an example if the port offset value of BAM instance is 3,need to configure as follows in property in the api-manager.xml which is in /repository/conf/ folder.
<ThriftPort>7614</ThriftPort>
<BAMServerURL>{tcp://<IP Address>:7614/}</BAMServerURL>
Also make sure to restart both servers.
I have configured Open Weather API in API Manager (Version 1.6.0). Steps:
Add API
Name: weather
Context: /weather
Version: v1
Tier Availability: All
Transports: HTTP & HTTPS
Endpoint Type: HTTP endpoint
Production Endpoint: http://api.openweathermap.org/data/2.5/weather
==> At this point, if I click "Test", I get "Invalid" error.
I still go ahead and save and publish the API.
In Store, subscribe to the API and try to run in REST Client:
http://localhost:8280/weather/v1
Authorization: xxxx
Error response is seen after a while:
<am:fault
xmlns:am="http://wso2.org/apimanager">
<am:code>101503</am:code>
<am:type>Status report</am:type>
<am:message>Runtime Error</am:message>
<am:description>Error connecting to the back end</am:description>
</am:fault>
Error seen on the console:
[2014-05-22 14:11:39,067] WARN - ConnectCallback Connection refused
or failed f or : api.openweathermap.org/162.243.44.32:80 [2014-05-22
14:11:39,093] INFO - LogMediator STATUS = Executing default 'fault'
sequence, ERROR_CODE = 101503, ERROR_MESSAGE = Error connecting to the
back end
I am running the AM behind a proxy. I assume AM needs to be told to go through proxy when connecting to external URLs.
I have tried below option:
When starting the server use the command:
wso2server.bat -Dhttp.proxyHost= -Dhttp.proxyPort=8085 start
With this, I am unable to login to publisher or store. When clicked on the Login prompt, nothing happens.
How to configure the proxy server in AM, so that that AM uses the proxy server to connect to external URLs?
You can set the proxyhost and prort number in de axis2.xml file:
$WSO2APU_HOME/repository/conf/axis2/axis2.xml
Note: you must set http.proxyHost=your.internet.proxy.com, do not leave it empty