Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting 'client-truststore-sender.ks' does not exist issue once Mutual SSL enabled between API Gateway and Backend #158

Closed
SupunTharakaSandaruwan opened this issue Jun 7, 2022 · 2 comments · Fixed by wso2/carbon-apimgt#11904
Closed

Getting 'client-truststore-sender.ks' does not exist issue once Mutual SSL enabled between API Gateway and Backend #158

SupunTharakaSandaruwan opened this issue Jun 7, 2022 · 2 comments · Fixed by wso2/carbon-apimgt#11904
Assignees
@DinithHerath
Labels
4.2.0-RC 4.3.0-M1 4.3.0 M1 Milestone 4.3.0 Affected/APIM-4.0.0 Component/APIM Priority/Normal Type/Bug
Milestone
4.2.0-RC

Comments

@SupunTharakaSandaruwan
Copy link

Description

Once the Mutual SSL between APIM GW and Backend is enabled as guided in [1], the following error in "Relevant Log Output" section is thrown after the the second APIM restart onwards.

[1] https://apim.docs.wso2.com/en/4.0.0/deploy-and-publish/deploy-on-gateway/api-gateway/mutual-ssl-between-api-gateway-and-backend/#test-mutual-ssl-between-api-gateway-and-backend

Steps to Reproduce

  • Follow the steps given in [1] to enable the Mutual SSL between APIM and Backend.
  • Start the APIM server
    -- You will be able to observe that the truststore file is changed as client-truststore-sender.ks in the multi_ssl_profiles.xml file and new client-truststore-sender.ks file is created under the /repository/resources/security directory.
  • Stop the server and restart it again by keeping the multi_ssl_profiles.xml files with the changes done by APIM server.
  • Once the server is trying to start the following error in "Relevant Log Output" section will be thrown.

[1]https://apim.docs.wso2.com/en/4.0.0/deploy-and-publish/deploy-on-gateway/api-gateway/mutual-ssl-between-api-gateway-and-backend/#test-mutual-ssl-between-api-gateway-and-backend

Affected Component

APIM

Version

4.0.0

Environment Details (with versions)

No response

Relevant Log Output

[2022-06-06 15:16:15,328] ERROR - GatewayStartupListener Error while Backup Truststore
org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.CertificateManagementException: Error while backup truststore
	at org.wso2.carbon.apimgt.impl.utils.CertificateMgtUtils.backupOriginalTrustStore_aroundBody46(CertificateMgtUtils.java:758) ~[org.wso2.carbon.apimgt.impl_9.0.174.166.jar:?]
	at org.wso2.carbon.apimgt.impl.utils.CertificateMgtUtils.backupOriginalTrustStore(CertificateMgtUtils.java:724) ~[org.wso2.carbon.apimgt.impl_9.0.174.166.jar:?]
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.completingServerStartup_aroundBody0(GatewayStartupListener.java:106) [org.wso2.carbon.apimgt.gateway_9.0.174.160.jar:?]
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayStartupListener.completingServerStartup(GatewayStartupListener.java:103) [org.wso2.carbon.apimgt.gateway_9.0.174.160.jar:?]
	at org.wso2.carbon.core.internal.CarbonCoreServiceComponent.notifyBefore(CarbonCoreServiceComponent.java:258) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.completeInitialization(StartupFinalizerServiceComponent.java:166) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.serviceChanged(StartupFinalizerServiceComponent.java:323) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:113) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:985) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:151) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:866) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:804) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:228) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:525) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:544) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.registerThrottlingAgent(ThrottlingAgentServiceComponent.java:118) [org.wso2.carbon.tenant.throttling.agent_4.9.10.jar:?]
	at org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.activate(ThrottlingAgentServiceComponent.java:96) [org.wso2.carbon.tenant.throttling.agent_4.9.10.jar:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_321]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_321]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_321]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_321]
	at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) [org.eclipse.equinox.ds_1.4.400.v20160226-2036.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:113) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:985) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:151) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:866) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:804) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:228) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:525) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:544) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:529) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.wso2.carbon.core.init.CarbonServerManager.removePendingItem(CarbonServerManager.java:305) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.wso2.carbon.core.init.PreAxis2ConfigItemListener.bundleChanged(PreAxis2ConfigItemListener.java:118) [org.wso2.carbon.core_4.6.2.168.jar:?]
	at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:973) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
	at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345) [org.eclipse.osgi_3.14.0.v20190517-1309.jar:?]
Caused by: java.io.FileNotFoundException: Source '/wso2am-4.0.0/repository/resources/security/client-truststore-sender.ks' does not exist
	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:1074) ~[commons-io_2.4.0.wso2v1.jar:?]
	at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:1038) ~[commons-io_2.4.0.wso2v1.jar:?]
	at org.wso2.carbon.apimgt.impl.utils.CertificateMgtUtils.backupOriginalTrustStore_aroundBody46(CertificateMgtUtils.java:744) ~[org.wso2.carbon.apimgt.impl_9.0.174.166.jar:?]

Related Issues

No response

Suggested Labels

No response
@vithu30 vithu30 mentioned this issue Jun 13, 2022
Closed
@rmsamitha rmsamitha added this to the 4.2.0-RC milestone Feb 21, 2023
@Kirishikesan Kirishikesan mentioned this issue Mar 1, 2023
Merged
@HiranyaKavishani
Copy link

Reopened the public git issue to port the fix into API-M 4.1.0

@YasasRangika YasasRangika added 4.3.0 4.3.0-M1 4.3.0 M1 Milestone labels Jan 8, 2024
@YasasRangika
Copy link

Closing this issue as the porting mentioned above has been completed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DinithHerath DinithHerath

Labels
4.2.0-RC 4.3.0-M1 4.3.0 M1 Milestone 4.3.0 Affected/APIM-4.0.0 Component/APIM Priority/Normal Type/Bug
Projects
None yet
Milestone
4.2.0-RC
6 participants
@rmsamitha @dushaniw @SupunTharakaSandaruwan @YasasRangika @HiranyaKavishani @DinithHerath