search

wso2 / kubernetes-apim

Kubernetes and Helm resources for WSO2 API Manager
Apache License 2.0
112 stars 216 forks source link

Avoid host name verification in Control plane nodes #534

Open hasuniea opened 2 years ago

hasuniea commented 2 years ago

Description: In the default scripts we don't configure custom keystores. Hence we need to restrict the Host name verification in CP nodes

Error log

21-12-22 07:51:23,322] INFO - CommonUtil Creation of folder is successful. Directory Name : Definitions

[2021-12-22 07:52:51,828] ERROR - EventSender Error while sending Revocation Event to https://wso2am-pattern-4-am-cp-service:9443/internal/data/v1/notify

javax.net.ssl.SSLPeerUnverifiedException: Certificate for doesn't match any of the subject alternative names: [localhost]

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) ~[httpclient_4.5.13.wso2v1.jar:?]

at org.wso2.is.notification.EventSender$EventRunner.run(EventSender.java:116) [wso2is.notification.event.handlers_1.2.10.jar:?]

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]

at java.lang.Thread.run(Thread.java:834) [?:?]

Suggested Labels:

Suggested Assignees:

Affected Product Version:

OS, DB, other environment details and versions:

Steps to reproduce:

Related Issues:

douglasawh commented 11 months ago

is there a workaround for this error?