WSO2 DAS: SSLException - Fix as a Script
WSO2 DAS may throw an SSLException saying something similar to this:
SSLException: hostname in certificate didn’t match: <192.888.888.1> != <localhost>The solution has been found already and shared by several other bloggers. However, creating and importing new certificate again and again (If you are contributing to WSO2 products, it may happen ;-) ) is little painful. Here I am sharing a script that can help you to automate this process.
This script creates new certificate with default alias and password wso2carbon. So there is no need to update any configuration files. Depending on your country, you can change the values of: L=Colombo, S=Western, C=LK.
#!/bin/bashif [ “$#” -ne 2 ]; then
echo “Error: Illegal number of parameters.”
echo “Help: wso2key <your-ip> <das-home>”
echo “Example: wso2key 192.888.888.1 ~/wso2das-3.0.1”
exit
fidomain=$1
wso2_home=$2echo “Creating key for ${domain}”
keytool -genkey -noprompt \
-alias wso2carbon \
-keysize 2048 \
-keyalg RSA \
-dname “CN=${domain}, OU=Unknown, O=WSO2, L=Colombo, S=Western, C=LK” \
-keystore wso2carbon.jks \
-storepass wso2carbon \
-keypass wso2carbonecho “Creating client key for ${domain}”
keytool -export -noprompt -keystore wso2carbon.jks -alias wso2carbon -file wso2carbon.cer -storepass wso2carbon# Delete exisitng key
keytool -delete -alias wso2carbon -keystore ${wso2_home}/repository/resources/security/wso2carbon.jks -storepass wso2carbon# Import the new key
keytool -importkeystore -srckeystore wso2carbon.jks -destkeystore ${wso2_home}/repository/resources/security/wso2carbon.jks -srcstoretype jks -deststoretype jks -srcstorepass wso2carbon -deststorepass wso2carbon# Delete exisitng client key
keytool -delete -alias wso2carbon -keystore ${wso2_home}/repository/resources/security/client-truststore.jks -storepass wso2carbon# Import the client key
keytool -import -noprompt -alias wso2carbon -file wso2carbon.cer -keystore ${wso2_home}/repository/resources/security/client-truststore.jks -storepass wso2carbon
Save it as wso2key anywhere you want and make it executable using the following command.
chmod +x wso2keyProvide your IP address and DAS-Home as parameters to wso2key.
wso2key <your-ip> <das-home>For manual solution:
* WSO2 DAS: How to fix javax.net.ssl.SSLException
* Using IP address or domain name to access UES gadgets
