0

我刚刚安装了新版本的 wso2-iot(3.1.0)。

我为了远程使用它,我已经使用脚本 /scripts/change-ip.sh 将 IP 从 localhost 更改为我的服务器的 IP 地址。

一切似乎都运行良好,但是当我登录https://IP:9443/devicemgr时,我收到以下消息:

An Error Occurred!
HTTP Status : 500

org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException: failed to retrieve oauth token using jwt

有人遇到过同样的问题吗?有解决办法吗?

谢谢

我尝试在 3 个服务器上安装 wso2-iot:

  • 它适用于带有 openjdk 版本“1.8.0_141”的 Debian 9.1
  • 我在带有 openjdk 版本“1.8.0_141”的 Debian 8.8 上失败了
  • 它在带有 java 版本“1.8.0_144”的 Debian 8.7 上失败
4

4 回答 4

0

当我运行 io-server.sh 脚本时,我收到下面的 java 消息

[2017-09-04 09:25:05,244] [IoT-Core]  INFO - {org.wso2.carbon.ui.internal.CarbonUIServiceComponent} Mgt Console URL  : https://10.5.0.68:9443/carbon/
[2017-09-04 09:25:11,654] [IoT-Core] ERROR - {org.apache.synapse.transport.passthru.TargetHandler} I/O error: Host name verification failed for host : ducky.domaine-mairie.lan
javax.net.ssl.SSLException: Host name verification failed for host : ducky.domaine-mairie.lan
    at org.apache.synapse.transport.http.conn.ClientSSLSetupHandler.verify(ClientSSLSetupHandler.java:171)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:308)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:410)
    at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
    at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
    at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
    at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
    at java.lang.Thread.run(Thread.java:748)
[2017-09-04 09:25:11,726] [IoT-Core]  WARN - {org.apache.synapse.endpoints.EndpointContext} Endpoint : AnonymousEndpoint with address https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token will be marked SUSPENDED as it failed
[2017-09-04 09:25:11,728] [IoT-Core]  WARN - {org.apache.synapse.endpoints.EndpointContext} Suspending endpoint : AnonymousEndpoint with address https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token - current suspend duration is : 30000ms - Next retry after : Mon Sep 04 09:25:41 CEST 2017
Exception in thread "Thread-36" org.wso2.carbon.apimgt.integration.client.exception.APIMClientOAuthException: failed to retrieve oauth token using jwt
    at org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor.apply(OAuthRequestInterceptor.java:118)
    at feign.SynchronousMethodHandler.targetRequest(SynchronousMethodHandler.java:158)
    at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:88)
    at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:76)
    at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:103)
    at com.sun.proxy.$Proxy40.apisGet(Unknown Source)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherServiceImpl.publishAPI(APIPublisherServiceImpl.java:53)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler.publishAPIs(APIPublisherStartupHandler.java:97)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler.access$500(APIPublisherStartupHandler.java:30)
    at org.wso2.carbon.apimgt.webapp.publisher.APIPublisherStartupHandler$1.run(APIPublisherStartupHandler.java:69)
    at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException: Error when parsing the response <am:fault xmlns:am="http://wso2.org/apimanager"><am:code>101500</am:code><am:type>Status report</am:type><am:message>Runtime Error</am:message><am:description>Error in Sender</am:description></am:fault>
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getTokenInfo(JWTClient.java:169)
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getAccessToken(JWTClient.java:79)
    at org.wso2.carbon.apimgt.integration.client.OAuthRequestInterceptor.apply(OAuthRequestInterceptor.java:99)
    ... 10 more
Caused by: Unexpected character (<) at position 0.
    at org.json.simple.parser.Yylex.yylex(Unknown Source)
    at org.json.simple.parser.JSONParser.nextToken(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.json.simple.parser.JSONParser.parse(Unknown Source)
    at org.wso2.carbon.identity.jwt.client.extension.JWTClient.getTokenInfo(JWTClient.java:153)
    ... 12 more

其中 10.5.0.68 是我的服务器的 IP,ducky.domaine-mairie.lan 是服务器的名称。显然,该脚本尝试使用 dns 名称而不是 IP。我希望这将有助于解决问题。

于 2017-09-04T07:36:02.343 回答
0

在这里讨论了类似的问题

问题的一个原因可能是 /etc/hosts 文件有条目将机器 IP 指向主机名。即使 IP 指向 localhost 也可能导致此问题。当证书的公用名被验证时会发生这种情况,它被指向一个主机名。由于证书的通用名称是本地 IP(由 change-ip.sh 脚本创建),当从 /etc/hosts 文件中找到具有相同 IP 的主机名时,将导致主机名验证失败. 这将导致上述问题,无法检索 JWT 令牌。这里报告了一个类似的问题

于 2017-09-11T07:16:34.210 回答
0

One reason for the issue is not having the correct certificate in the IoT_Home/conf/identity/identity-providers/iot_default.xml. Please make sure to add that correctly. Reason for that could be that in the change-ip.sh script "sed -e" does not work on some linux os versions.

于 2017-09-01T15:31:00.320 回答
0

change-ip.sh 没有按我的口味敲定。缺乏信息

于 2017-09-04T22:12:08.063 回答