禁用 WSO2 证书验证 [英] Disabling WSO2 Certificate Validation
问题描述
我是 WSO2 的新手.
I'm new to WSO2.
我正在使用 ESB 控制台,并且我正在尝试添加一个基于 WSDL 的代理
I'm using the ESB Console, and I'm trying to add a WSDL-Based Proxy
输入 WSDL URL 后,如果我尝试测试 URI,我收到以下错误:
After entering the WSDL URL if I then try to Test URI, I receive the following error:
无效的 WSDL URI(无法建立连接)
我不确定问题是什么,但我猜测证书的颁发者有问题.我想禁用证书验证来测试该理论.到目前为止,我能找到的唯一设置是 wso2esb-4.8.1/repository/conf/axis2/axis2.xml 文件中的以下内容:
I'm not certain was the issue is, but I'm guessing that there is a problem with the issuer of the certificate. I would like to disable certificate validation to test that theory. So far, the only setting I can find is the following in the wso2esb-4.8.1/repository/conf/axis2/axis2.xml file:
<transportSender name="https class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
...
<parameter name="HostnameVerifier">AllowAll</parameter>
</transportSender>
但是,此设置无济于事.(而且它真的不应该有帮助,因为实际的主机名与证书 CN 匹配)
However, this setting doesn't help. (And it really shouldn't help since the actual host name matches the certificate CN)
关于我可以寻找什么来解决这个问题的任何想法?
Any ideas on what I can look for to fix this?
谢谢!
推荐答案
您能否使用 Internet 浏览器(具有相同的 URI)查看 WSDL?
Can you see the WSDL using your internet Browser (with the same URI) ?
你们没有公司代理吗?在这种情况下,在 WSO2 中配置它,在您的 transportSender conf 中添加这些属性:
Don't you have a corporate proxy ? In this case, configure it in WSO2 adding thoses properties in your transportSender conf :
<parameter name="http.proxyHost" locked="false">localhost</parameter>
<parameter name="http.proxyPort" locked="false">8080</parameter>
(更新主机名和端口...)
(update hostname and port...)
看看 wso2carbon.log
Have a look at wso2carbon.log
如果您可以访问此 URI 并想知道 AllowAll 是否有效,您可以尝试配置 WSO2 以信任此证书:从您的互联网浏览器下载它并使用 keytool 将其安装在 ESB_HOME/repository/resources/security/client-truststore.jks 中
If you can access this URI and wonder if AllowAll works, you can try to configure WSO2 to trust this certificate : download it from your internet browser and install it in ESB_HOME/repository/resources/security/client-truststore.jks with keytool
这篇关于禁用 WSO2 证书验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!