I have exposed the Identity Server UserProfileMgtService adminService in WSO2 ESB. The issue is that when I use the tryIt
feature to test the service I get an SSL exception. This also happens when I call the service in ESB through SOAP UI.
This is the exception:
[2012-09-14 16:32:21,003] ERROR - ClientHandler I/O error : Host name verification failed for host : localhost For : 127.0.0.1:9447 For Request : Axis2Request [Message ID : urn:uuid:d3797d1e-f21d-4b6a-aec9-075e95e982e6] [Status Completed : false] [Status SendingCompleted : true]
javax.net.ssl.SSLException: Host name verification failed for host : localhost
at org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender$1.verify(HttpCoreNIOSSLSender.java:310)
at org.apache.http.impl.nio.reactor.SSLIOSessionHandlerAdaptor.verify(SSLIOSessionHandlerAdaptor.java:52)
at org.apache.http.impl.nio.reactor.SSLIOSession.doHandshake(SSLIOSession.java:186)
at org.apache.http.impl.nio.reactor.SSLIOSession.outboundTransport(SSLIOSession.java:292)
at org.apache.http.impl.nio.SSLClientIOEventDispatch.outputReady(SSLClientIOEventDispatch.java:249)
at org.apache.http.impl.nio.reactor.BaseIOReactor.writable(BaseIOReactor.java:179)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:344)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:318)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:104)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:542)
at java.lang.Thread.run(Thread.java:662)
[2012-09-14 16:32:21,005] WARN - EndpointContext Endpoint : endpoint_b058e35b0fa1f0f58569defe4fb9d4838eadea9b6abd4d36 will be marked SUSPENDED as it failed
[2012-09-14 16:32:21,006] WARN - EndpointContext Suspending endpoint : endpoint_b058e35b0fa1f0f58569defe4fb9d4838eadea9b6abd4d36 - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Fri Sep 14 16:32:51 EEST 2012
I am using self-signed certificates, but I've modified accordingly the wso2carbon.jks and client-truststore.jks so they have certificates with CN localhost as well as my self-signed certificate which has different CN. I am using localhost for the IS endpoint. What can cause this exception? Is there an easier way to map IS admin services in ESB.
Clarification
All the servers have self signed certificates with CN: ip-xx-xx-xxx-xx.xx.something.com.
My Identity server is running on localhost:9447/ and the service I want to run through ESB is localhost:9447/services/UserProfileMgtService?wsdl.
The ESB is on localhost:9447/
I've set set parameter to AllowAll in the HTTPS transport sender configuration which is defined in axis2.xml and I've also set the HideAdminServiceWSDLs to false.
I can access the localhost:9447/services/UserProfileMgtService?wsdl through browser, but if I give it in ESB in the publishWsdl option it says it can't connect to the service. If I define it as custom proxy it throws the exception given above.
In SOAP UI I give the WSDL of the proxy service in ESB which has only mediate() method which I guess is because ESB can't connect to the endpoint wsdl.