Closed Sam-Explorer closed 1 year ago
It's possible that the app-server cannot validate the certificate of the api mediation layer. Check your zowe.certificate section of the zowe.yaml to ensure that the values are correct, in particular the zowe.certificate.pem section does need to be defined to alert the app-server about the CAs, because if the app-server can't read the CAs, then it wont validate the certificate of apiml if zowe.verifyCertificates is set to something other than "disabled". What is the value of that currently?
we have similar configuration in zowe.yaml, same as given in the zowe doc https://docs.zowe.org/stable/user-guide/configure-certificates-keyring zowe: certificate: keystore: type: JCERACFKS file: safkeyring://ZWESVUSR/ZoweKeyring password: 'password' alias: localhost truststore: type: JCERACFKS file: safkeyring://ZWESVUSR/ZoweKeyring password: "password" pem: key: '' certificate: '' certificateAuthorities: safkeyring:////ZWESVUSR/ZoweKeyring&localca
I tried with STRICT & NONSTRICT - its does not work and works only if I have DISABLED.
Thanks..
Hi Sam, could you please try to use four slashes to specify the keyring (safkeyring:////) everywhere? There were some changes in keyring config format in Zowe 2.7, so latest docs a bit irrelevant for your version of Zowe, please refer to the example in docs for v2.6 https://docs.zowe.org/v2.6.x/user-guide/configure-certificates-keyring
Hi Sergei, we did specify (safkeyring:////). Issue has been fixed, with reference to https://github.com/zowe/docs-site/issues/1550
Thank you for response! :-)
Bug: Authentication failed for 3 types. Types: ["saf","apiml","zss"] org.zowe.zlux.auth.safsso: APIML unable to get issuer certificate
Zowe Version 2.6
API Service are running good, however issue with login to ZOWE Desktop getting below error message. Authentication failed for 3 types. Types: ["saf","apiml","zss"] org.zowe.zlux.auth.safsso: APIML unable to get issuer certificate
ZOWE STC is able to communicate with Cross-Memory Server