We Keep Coding

Why WSO2 API Manager gives Hostname verification failed while getting the token?

I have one WSO2 Identity server running on docker container and My API-Manager is configured to use it as key manager. API Manager is also running on docker.
When Iam Trying to get a token in Postman, I call this https://myhost.com:8243/token?grant_type=client_credentials with base64 encoded "client_id:secret" it gives me this exception:
[2021-04-27 17:13:21,704] ERROR - TargetHandler I/O error: Host name verification failed for host : is.com javax.net.ssl.SSLException: Host name verification failed for host : is.com
Also the [apim.key_manager] is configured like this:
[apim.key_manager]
service_url = "https://is.com:9442/services/"
username = "$ref{super_admin.username}"
password = "$ref{super_admin.password}"
type = "WSO2-IS"
"is.com" is the domain for my identity server container.
I dont know why is this happening and HostNameVerification is disabled in apim.
How can I fix it?
Thank you.

I guess you haven't disabled hostname verification in Synapse level. This can be done using the following config in the deployment.toml
[transport.passthru_https.sender.parameters]
HostnameVerifier = "AllowAll"
The recommended approach is to use the correct hostname. For this, you can use a DNS entry.

Mule http request configuration proxy

I'm following a tutorial from mulesoft (DataWeave Tutorial) witch implements a Web Service Consumer that calls an external public web service (WSDL). I had no problem to setup the project as described, but when I launch my server I have the following error: "Caused by: java.net.ConnectException: Connection refused: connect".
First thought was that the webservice was unavailable. But I tested it in SoapUI and it workded just fine.
I suppose the error is because the call to the web service is not using the proxy configurations that I have set up in Anypoint Studio. So, in my Web Service Consumer I have set up a HTTP Request Configuration where I added a Proxy Configuration. But it also did not work. Those were my steps:
Web Service Consumer
https://i.stack.imgur.com/hN584.png
References tab
https://i.stack.imgur.com/NIV84.png
HTTP Request Configuration
https://i.stack.imgur.com/Ubpwa.png
Proxy tab
https://i.stack.imgur.com/bBYx1.png
Proxy Configuration
https://i.stack.imgur.com/JDQdf.png
One thing that is immediately noticeable is the the TLS error on the HTTP Request Configuration. This error appears as soon as I choose to use a proxy and when I go to the TLS/SSL tab I have no option to remove the TLS configuration as you can see in the following image:
TLS/SSL tab
https://i.stack.imgur.com/xFqEW.png
Here's the XML of my flow:
<flow name="dataweave_tutorialFlow">
<http:listener config-ref="HTTP_Listener_Configuration" path="ex1" doc:name="HTTP" metadata:id="b34a6c34-653f-4b68-8aa3-8292e41a20cf"/>
<dw:transform-message doc:name="Transform Message">
<dw:input-payload doc:sample="C:\temp\dw_example1.json"/>
<dw:set-payload><![CDATA[%dw 1.0
%output application/xml
%namespace ns0 http://mulesoft.org/tshirt-service
---
{
ns0#OrderTshirt: {
size: "M" unless payload.buyer.state == "TX" otherwise "XXL",
email: payload.buyer.email,
name: payload.buyer.name,
address1: payload.buyer.address,
address2: null,
city: payload.buyer.city,
stateOrProvince: payload.buyer.state,
postalCode: payload.buyer.postCode,
country: payload.buyer.nationality
}
}]]></dw:set-payload>
</dw:transform-message>
<ws:consumer config-ref="Web_Service_Tshirt" operation="OrderTshirt" doc:name="Web Service Consumer"/>
</flow>
I'm using Anypoint Studio 6.2.5 with Mule ESB Server 3.8.2.
I have no more ideas for what to change to make this work. Hope anyone has some good suggestion about this. Thanks in advance!

You dont require to mention http in proxy url host can set the proxy using following example:-
<http:request-config name="HTTP_Request_Configuration" host="www.webservicex.com" port="80" doc:name="HTTP Request Configuration">
<http:proxy host="my.example.proxy.com" port="8080"/>
</http:request-config>
You may need to provide your proxy username and password based on your proxy.
A best example is if you follow step by step written here :-
http://www.corralict.nl/wsc-connector-proxy/
and
https://docs.mulesoft.com/mule-user-guide/v/3.8/web-service-consumer
Regarding tls, don't touch the tls part and make sure your HTTP request protocol is set to HTTP and not HTTPS. The error you are seeing is a bug in studio and will not affect if you configure rightly.

Not able to invoke axis2 service from wso2 ESB proxy service

I am new to OSB.
-> I have a AXIS2 webservice application running on wso2 appserver. If we pass a name as a parameter it will return hello + Name.
-> I am trying to access this application from proxyservice in WSO2 ESB application.
The project name is SampleESBConfig and proxy service name: ESBtoAxis2PS1
Steps for Implementing proxy service:
The proxy service ha wsdl url : http://localhost:9763/services/Test1?wsdl ; Wsdl Type: SOURCE_URL
InFlow
Placed LogMediator
place SendMediator
Created address endpoint which points to : http://localhost:9763/services/Test1 [ Target URL, AXIS2 webservice application URL]
OutFlow
Placed LogMediator
place SendMediator
Fault Sequence
Placed the LogMediator
Created Composite application which includes the above proxyservice
Deployed this application on WSO2 ESB server which is running on localhost.
Note:
Both ESB & appserver running on localhost
When i am trying to test the application getting the below error.
[2015-06-18 16:27:55,212] ERROR - Axis2Sender Unexpected error during
sending message out org.apache.axis2.AxisFault: The system cannot
infer the transport information from the
/services/ESBtoAxis2PS1.ESBtoAxis2PS1HttpSoap11Endpoint URL.
How do I fix this?

Let assume that your are calling the echo proxy and you are creating a soap project by providing the wsdl of your proxy service.Then the request url for echo service will be
http://localhost:8280/services/echo.echoHttpSoap11Endpoint and when you are going to invoke it, you will get the above error.
As a solution for it you need to remove the part behind the "." operator. So you proxy calling url will be http://localhost:8280/services/echo
According to the error log I found that you are calling the proxy service /services/ESBtoAxis2PS1.ESBtoAxis2PS1HttpSoap11Endpoint . So you need to call the proxy like /services/ESBtoAxis2PS1 as I mentioned earlier.
Hope this may solve the issue.

WSO2API Manager : Api Store Error: Error in getting new access token

I have updated WSO2 default SLL with the custom SSL certificate on my Production Server on which WSO2Api installed.
SSL issues have been fixed, but now I am getting error while re-generating access token
Logs
Caused by: org.wso2.carbon.apimgt.keymgt.APIKeyMgtException: Error in getting new accessToken
at org.wso2.carbon.apimgt.keymgt.service.APIKeyMgtSubscriberService.renewAccessToken(APIKeyMgtSubscriberService.java:281)
... 45 more
Caused by: java.lang.RuntimeException: Failed : HTTP error code : 500
at org.wso2.carbon.apimgt.keymgt.service.APIKeyMgtSubscriberService.renewAccessToken(APIKeyMgtSubscriberService.java:252)
... 45 more
TID: [0] [AM] [2014-08-27 10:57:41,440] ERROR {org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject} - Error in getting new accessToken {org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject}

If APIManager runs with a port offset,you need to do addtional changes.
Change the endpoint ports defined in default APIs shipped with APIManager
Find all default APIs of the API Manager in /repository/deployment/server/synapse-configs/default/api folder. Those are Authorize API, Login API, Token API and Revoke API. Open each of them and change the address endpoint config included port value to match with offset value.The default address endpoint config is
"address uri="https://192.168.1.7:9443/oauth2/token".If the AM standalone pack running with port offset 2 change that config as
address uri="https://192.168.1.7:9445/oauth2/token"

What I did to fix the issue was to 1) add admin user inside ApiKeyValidaor in api-manager.xml also into admin user via management console and into user-mgt.xml; 2) Inside api-manager.xml:
Change the following:
https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
to:
https://[FQDN_OF_HOST}:${mgt.transport.https.port}${carbon.context}/services/
Reason is my server certificate only recorded the domain name, not ip address.
My setup: Product: WSO2 AM 1.10.0 DB: MSSQL Security: SAML2 integrated with PingIdentity OS: Linux
Please also refer to this question:
wso2 am 1.10.0 API Store: "Error occurred while executing the action generateApplicationKey" with " Invalid credentials provided."

The error may be due to one of these two things:
Your admin password is not set for ApiKeyManager in api_manager.xml.
SSL is not set properly.

SSL Exception when WebService endpoint url has https

I am getting the below exception when I invoke a jax ws webservice from my application deployed in WebSphere Application Server 6.1
SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=yyy.com, OU=For Intranet Use Only, OU=Web Hosting, O=xx, L=xx, ST=xx, C=xx" was sent from target host:port "*:9445". The signer may need to be added to local trust store "F://../trust.p12" . The extended error message from the SSL handshake exception is: "No trusted certificate found".
The enpoint url has https.
With the same enpoint url I am able to get a response from SOAP UI(Tool) without any certificate configuration etc..
Could you help me on this ?

I finally was able to fix this small issue.The Server certificate needs to be added to the websphere appserver truststore.This can be done from the admin console of websphere by providing the server domain and port.