[英]WSO2: My keystore is added to carbon, but does not load at startup
I am trying to make my wso2 server on my VPS secure, so I ordered a certificate as prescribed by my provider Hostnet.nl, than created and added a keystore as described by wso2 on https://www.yenlo.com/blog/setting-up-wso2-with-a-valid-certificate . 我试图使我的VPS上的wso2服务器安全,因此我订购了我的提供商Hostnet.nl规定的证书,然后按照https://www.yenlo.com/blog/上 wso2的描述创建并添加了密钥库。 用有效证书设置wso2- 。 Last step was to modify carbon.xml, in which I added my keystore
最后一步是修改carbon.xml,在其中添加了我的密钥库
<KeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/MijnWSO2sleutelwinkel.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<Password>mypassword</Password>
<!-- Private Key alias-->
<KeyAlias>mijnWSO2sleutelwinkel</KeyAlias>
<!-- Private Key password-->
<KeyPassword>mypassword</KeyPassword>
</KeyStore>
Upon restarting the VPS and WSO2 the keystore did not appear in /carbon in the list of keystores. 重新启动VPS和WSO2后,密钥库未出现在密钥库列表中的/ carbon中。 I was able to add it manually by uploading the keystore file and the SSL_CA file of the intermediary party, Hostnet.
我可以通过上载中介方Hostnet的密钥库文件和SSL_CA文件来手动添加它。 Looks fine in Carbon's list of keystores, but after restarting the VPS and WSO2, the keystore does not get loaded.
在Carbon的密钥库列表中看起来不错,但是在重新启动VPS和WSO2之后,不会加载密钥库。 In the startup script of WSO2 I only see wso2carbon getting loaded:
在WSO2的启动脚本中,我仅看到wso2carbon正在加载:
[2018-05-22 15:24:27,106] INFO - ClientConnFactoryBuilder HTTPS Loading Identity Keystore from : repository/resources/security/wso2carbon.jks
[2018-05-22 15:24:27,122] INFO - ClientConnFactoryBuilder HTTPS Loading Trust Keystore from : repository/resources/security/client-truststore.jks
[2018-05-22 15:24:27,128] INFO - ClientConnFactoryBuilder customSSLProfiles configuration is loaded from path: /usr/local/opt/wso2am-2.2.0/repository/resources/security/sslprofiles.xml
[2018-05-22 15:24:27,128] INFO - ClientConnFactoryBuilder HTTPS Loading custom SSL profiles for the HTTPS sender
[2018-05-22 15:24:27,129] INFO - ClientConnFactoryBuilder HTTPS Loading Identity Keystore from : repository/resources/security/wso2carbon.jks
[2018-05-22 15:24:27,130] INFO - ClientConnFactoryBuilder HTTPS Loading Trust Keystore from : repository/resources/security/client-truststore.jks
[2018-05-22 15:24:27,132] INFO - ClientConnFactoryBuilder HTTPS Custom SSL profiles initialized for 1 servers
[2018-05-22 15:24:27,133] INFO - PassThroughHttpSSLSender Pass-through HTTPS Sender started...
And no further mentions of SSL or my own keystore at all. 完全没有提及SSL或我自己的密钥库。 What am I missing?
我想念什么?
I followed the instructions given in the same link - https://www.yenlo.com/blog/setting-up-wso2-with-a-valid-certificate 我遵循了同一链接中给出的说明-https: //www.yenlo.com/blog/setting-up-wso2-with-a-valid-certificate
I am able to find all of the files to change the .jks except for the last reference - 我可以找到所有文件来更改.jks,但最后一个参考除外-
./security/secret-conf.properties:21:#keystore.identity.location=repository/resources/security/wso2carbon.jks
I am installing the cert on a APIM 2.2 server, is this file deprecated in this new version? 我正在将证书安装在APIM 2.2服务器上,此文件在新版本中是否已弃用?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.