
How to disable Hostname verification? #490

@jackchuong

Hi all,
I'm trying WSO2 API Manager 4.2.0 + MySQL with Docker Compose. apim_db and shared_db are changed to MySQL, WSO2CARBON_DB is still H2 as default. These are my configs:

docker-compose.yml
version: '3.1'
services:
  wso2apim:
    image: docker.wso2.com/wso2am:4.2.0
    container_name: wso2apim
    hostname: esb.mydomain.com
    environment:
      - TZ=Asia/Ho_Chi_Minh
    ports:
      - 9443:9443
      - 8243:8243
      - 8280:8280
    volumes:
      - ./mysql-connector-j-8.0.33.jar:/home/wso2carbon/wso2am-4.2.0/repository/components/lib/mysql-connector-j-8.0.33.jar
      - ./deployment.toml:/home/wso2carbon/wso2am-4.2.0/repository/conf/deployment.toml
      - ./security:/home/wso2carbon/wso2am-4.2.0/repository/resources/security
      - ./database:/home/wso2carbon/wso2am-4.2.0/repository/database
    restart: always

  wso2mysql:
    image: mysql:8.0
    container_name: wso2mysql
    environment:
      - TZ=Asia/Ho_Chi_Minh
      - MYSQL_ROOT_PASSWORD=***
    security_opt:
      - seccomp:unconfined
    volumes:
      - ./mysqldata:/var/lib/mysql
      - ./my.cnf:/etc/mysql/my.cnf
      #- ./dbscripts:/docker-entrypoint-initdb.d
    restart: always

deployment.toml (I only post the parts that have changed from the default)
[server]
hostname = "esb.mydomain.com"
[database.apim_db]
type = "mysql"
url = "jdbc:mysql://wso2mysql:3306/WSO2AM_DB?useSSL=false&allowPublicKeyRetrieval=true"
username = "root"
password = "***"
driver="com.mysql.cj.jdbc.Driver"

[database.shared_db]
type = "mysql"
url = "jdbc:mysql://wso2mysql:3306/WSO2AM_SHARED_DB?useSSL=false&allowPublicKeyRetrieval=true"
username = "root"
password = "***"
driver="com.mysql.cj.jdbc.Driver"

I have a wildcard certificate for *.mydomain.com, and I configured the keystore: I replaced the alias "wso2carbon" in wso2carbon.jks (with a pfx file) and client-truststore.jks (with a pem file), then restarted the containers.
I can log in to https://esb.mydomain.com:9443/carbon successfully, with a valid certificate.
When I try to access https://esb.mydomain.com:9443/publisher or /devportal, I get an error like:

Caused by: javax.net.ssl.SSLHandshakeException: No name matching localhost found
Caused by: java.security.cert.CertificateException: No name matching localhost found

As far as I know, this is because my wildcard certificate doesn't have localhost as the Common Name (CN) or as a Subject Alternate Name (SAN), hence when the server tries to connect to the host localhost, the hostname verification fails.
I cannot request a new certificate for now. How can I disable hostname verification with Docker Compose to make it work?
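
The mismatch described in the post above, as an added example that is not part of the original issue or of WSO2's code: a simplified RFC 6125-style check of which hostnames a certificate's DNS names cover. The SAN list and host list are constructed from the names in the post, and the function names are hypothetical.

```python
# Added example: simplified RFC 6125-style hostname matching (DNS names only).
# Partial-label wildcards such as "e*.example" are rejected here, which is
# stricter than some TLS stacks.

def name_matches(pattern: str, host: str) -> bool:
    """Return True if one certificate DNS name covers the given host."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard stands for exactly one label
    if p_labels[0] == "*":
        # Wildcard must be the whole leftmost label, must not sit directly
        # on a top-level domain, and must match a non-empty label.
        return (len(p_labels) > 2 and h_labels[0] != ""
                and p_labels[1:] == h_labels[1:])
    return "*" not in pattern and p_labels == h_labels


def covered(san_dns_names, host):
    """True if any DNS name in the certificate covers the host."""
    return any(name_matches(name, host) for name in san_dns_names)


def audit(san_dns_names, hosts):
    """Map every host that is dialled onto pass (True) or fail (False)."""
    return {host: covered(san_dns_names, host) for host in hosts}


# Constructed inputs mirroring the post: a wildcard-only certificate, plus
# the names browsers (esb.mydomain.com) and the server itself (localhost) use.
CONSTRUCTED_SAN = ["*.mydomain.com"]
HOSTS = ["esb.mydomain.com", "localhost", "mydomain.com", "a.esb.mydomain.com"]

if __name__ == "__main__":
    for host, ok in audit(CONSTRUCTED_SAN, HOSTS).items():
        print(f"{host:22} {'ok' if ok else 'FAIL: no matching name'}")
```

Running the audit against every hostname configured for internal calls shows which names fail verification while verification stays enabled.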
