Client Truststore Corruption in a HA All-in- one APIM 3.2.0 Setup #2979
Comments
dinuka10
added
Affected/APIM-3.2.0
Type/Improvement
and removed
Missing/Component
labels
|
Closing as per the public fix is not applicable, as 4.x.x versions are storing metadata in the DB. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
In APIM 3.2.0, when client certificates are added through the publisher for an API with mutual SSL enabled, the client truststore becomes corrupted if the client truststore is shared between gateway nodes. (In this case, HA all-in-one setup, and the client truststore is shared between two all-in-one nodes.)
Steps to Reproduce
1.) Setup two all-in-one nodes in HA configuration with the client truststore (security directory) shared between them.
2.) Create and publish an API with mutual SSL enabled and add a few client certificates.
3.) Conduct load tests using the attached JMeter script to update the APIs using the [1] Publisher REST API. The load test involved concurrently updating the API through both APIM nodes using the REST API [1].
NFS.zip
[1] https://apim.docs.wso2.com/en/3.2.0/develop/product-apis/publisher-apis/publisher-v1/publisher-v1/#tag/APIs/paths/~1apis~1%7BapiId%7D/put
Affected Component
APIM
Version
wso2am-3.2.0
Environment Details (with versions)
No response
Relevant Log Output
No response
Related Issues
No response
Suggested Labels
No response
The text was updated successfully, but these errors were encountered: