CertificateRevocationVerifier

[edwanyoike]

Description: To enable client certificate validation for passthrough transport, according to the documentation, you have to add the following parameter to the axis2 transport under PassThroughHttpSSLSender

true

however after doing exactly that i get the following exception: [2019-02-22 10:13:09,784] [EI-Core] INFO - PassThroughHttpSSLSender Initializing Pass-through HTTP/S Sender... [2019-02-22 10:13:09,790] [EI-Core] FATAL - CarbonServerManager WSO2 Carbon initialization Failed java.lang.NullPointerException at org.apache.synapse.transport.nhttp.config.ClientConnFactoryBuilder.parseSSL(ClientConnFactoryBuilder.java:124) at org.apache.synapse.transport.passthru.PassThroughHttpSSLSender.initConnFactoryBuilder(PassThroughHttpSSLSender.java:45) at org.apache.synapse.transport.passthru.PassThroughHttpSender.init(PassThroughHttpSender.java:162) at org.apache.synapse.transport.passthru.PassThroughHttpSSLSender.init(PassThroughHttpSSLSender.java:33) at org.apache.axis2.context.ConfigurationContextFactory.initTransportSenders(ConfigurationContextFactory.java:300) at org.apache.axis2.context.ConfigurationContextFactory.init(ConfigurationContextFactory.java:231) at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:93) at org.wso2.carbon.core.CarbonConfigurationContextFactory.createNewConfigurationContext(CarbonConfigurationContextFactory.java:65) at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:399) at org.wso2.carbon.core.init.CarbonServerManager.start(CarbonServerManager.java:220) at org.wso2.carbon.core.internal.CarbonCoreServiceComponent.activate(CarbonCoreServiceComponent.java:105) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345) at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) at org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81) at org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60) at org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40) at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38) at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1230) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1174) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1066) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5370) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5668) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:145) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1700) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1690) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)

Affected Product Version: EI 6.4.0

[cermu]

true, i have the same issue with this line:

true

[arunans23]

Can you provide more context to reproduce this issue? After adding the line to axis2.xml file, at what point did you get this error? Did you try to invoke any service? or while starting the integrator.sh?

[cermu]

@arunans23 while starting the integrator.sh, it wont start

[arunans23]

@cermu @edwanyoike I was able to reproduce the issue. It seems to be an issue in the documentation. Please remove the old parameter and add the following parameters under PassThroughHttpSSLSender.

<parameter name="CertificateRevocationVerifier" enable="true">
                <CacheSize>1024</CacheSize>
                <CacheDelay>1000</CacheDelay>
   </parameter>

Please update this thread if the issue persists.

[arunans23]

Created an issue in WSO2 Jira to update the document. https://wso2.org/jira/browse/DOCUMENTATION-8434

[cermu]

will try it out and give a comment.....thanks a lot

[nilminiwso2]

Fixed (from EI 6.1.1. to EI 6.5.0).