0

I Have a WSO2 IS and APIM connected between, I have a certificate ad the certificate is also in the trust store. I see in the log the following exception:

[2023-03-23 07:13:50,092] [24f5ec1a-e983-42c9-86af-3477b49d409b] ERROR {org.wso2.is.notification.EventSender} - Error while sending Revocation Event to https://localhost:9444/internal/data/v1/notify javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <XXXXX> OR <XXXX>

The called address is IS.

I think the problem is because it calls itself on localhost and therefore the certificate host doesn't match, maybe I have to force it to call itself on the dns?

user5919369
  • 111
  • 6

1 Answers1

0

Few different ways to resolve this.

  1. Add localhost as a SAN name in your certificate.
  2. Do SSL termination at the Loadbalancer and use two different certificates for public traffic and internal traffic.
  3. Do all calls using the DNS added in the Certificate as the CN.
  4. Disable Hostname verification.
ycr
  • 12,828
  • 2
  • 25
  • 45