[ http://issues.apache.org/jira/browse/GERONIMO-1503?page=all ]
Vamsavardhana Reddy updated GERONIMO-1503:
------------------------------------------
Attachment: GERONIMO-1503.patch
Investigating the problem revealed that only keystorePassword is set for the
KeyStoreGBean. An empty string is being used as keyPassword. Because of this,
both Jetty and Tomcat HTTPS Connectors are not able to recover the key.
o Tomcat HTTPS Connector requires that the keystorePassword and keyPassword are
same and only keystorePassword is specified while creating HTTPS Connector.
o Jetty HTTPS Connector allows to specify a keyPassword. But when an empty
string is specified as keyPassword, it uses null instead of "".
GERONIMO-1503.patch: Adds keyPassword attribute to KeyStoreGBean.
> keystore generated by KeyStore portlet could not be used to add either Jetty
> or Tomcat HTTPS Listeners
> ------------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-1503
> URL: http://issues.apache.org/jira/browse/GERONIMO-1503
> Project: Geronimo
> Type: Bug
> Components: console
> Versions: 1.0, 1.0-M5
> Environment: WinXP, Sun JDK 1.4.2_08
> Reporter: Vamsavardhana Reddy
> Attachments: GERONIMO-1503.patch
>
> ssl-keystore-1 generated by KeyStore portlet could not be used to add either
> Jetty or Tomcat HTTPS Listeners. Steps to regenerate this error.
> 1. Start Geronimo server
> 2. Using KeyStore portlet in Geronimo Console, generate keypair.
> ("ssl-keystore-1" file is created in this step)
> 3. Using WebServers portlet, add a new HTTPS Listener. Enter
> "var/security/ssl-keystore-1" in the keystore field in this step.
> The new HTTPS Listener fails to start.
> The following exception is logged when attempting to add a Jetty HTTPS
> Listener.
> 21:20:05,942 WARN [SslListener] EXCEPTION
> java.security.UnrecoverableKeyException: Cannot recover key
> at sun.security.provider.KeyProtector.recover(KeyProtector.java:301)
> at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:120)
> at java.security.KeyStore.getKey(KeyStore.java:289)
> at com.sun.net.ssl.internal.ssl.X509KeyManagerImpl.<init>(DashoA12275)
> at
> com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl.engineInit(DashoA12275)
> at javax.net.ssl.KeyManagerFactory.init(DashoA12275)
> at org.mortbay.http.SslListener.createFactory(SslListener.java:262)
> at org.mortbay.http.SslListener.newServerSocket(SslListener.java:283)
> at org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
> at
> org.apache.geronimo.jetty.connector.JettyConnector.doStart(JettyConnector.java:233)
> at
> org.apache.geronimo.jetty.connector.HTTPSConnector.doStart(HTTPSConnector.java:128)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:936)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:325)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:110)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:132)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:537)
> at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:208)
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor$StartRecursiveInvoke.invoke(ProxyMethodInterceptor.java:365)
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at
> org.apache.geronimo.jetty.JettyWebConnector$$EnhancerByCGLIB$$e76cef7.startRecursive(<generated>)
> at
> org.apache.geronimo.console.webmanager.ConnectorPortlet.processAction(ConnectorPortlet.java:143)
> at org.apache.pluto.core.PortletServlet.dispatch(PortletServlet.java:229)
> at org.apache.pluto.core.PortletServlet.doGet(PortletServlet.java:158)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
> at org.apache.pluto.core.PortletServlet.service(PortletServlet.java:153)
> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
> at
> org.apache.geronimo.jetty.JettyServletHolder.handle(JettyServletHolder.java:99)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
> at org.mortbay.jetty.servlet.JSR154Filter.doFilter(JSR154Filter.java:170)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
> at org.mortbay.jetty.servlet.Dispatcher.dispatch(Dispatcher.java:283)
> at org.mortbay.jetty.servlet.Dispatcher.include(Dispatcher.java:163)
> at
> org.apache.pluto.invoker.impl.PortletInvokerImpl.invoke(PortletInvokerImpl.java:120)
> at
> org.apache.pluto.invoker.impl.PortletInvokerImpl.action(PortletInvokerImpl.java:68)
> at
> org.apache.pluto.PortletContainerImpl.processPortletAction(PortletContainerImpl.java:164)
> at
> org.apache.pluto.portalImpl.core.PortletContainerWrapperImpl.processPortletAction(PortletContainerWrapperImpl.java:82)
> at org.apache.pluto.portalImpl.Servlet.doGet(Servlet.java:227)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
> at
> org.apache.geronimo.jetty.JettyServletHolder.handle(JettyServletHolder.java:99)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
> at org.mortbay.jetty.servlet.JSR154Filter.doFilter(JSR154Filter.java:170)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
> at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
> at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
> at org.mortbay.http.HttpServer.service(HttpServer.java:909)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> 21:20:06,042 ERROR [GBeanInstanceState] Error while starting; GBean is now in
> the FAILED state:
> objectName="geronimo.server:J2EEApplication=null,J2EEModule=geronimo/jetty/1.0/car,J2EEServer=geronimo,j2eeType=GBean,name=JettyWebConnector-HTTPS-ssl-keystore-1"
> java.io.IOException: Could not create JsseListener:
> java.security.UnrecoverableKeyException: Cannot recover key
> at org.mortbay.http.SslListener.newServerSocket(SslListener.java:314)
> at org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
> at
> org.apache.geronimo.jetty.connector.JettyConnector.doStart(JettyConnector.java:233)
> at
> org.apache.geronimo.jetty.connector.HTTPSConnector.doStart(HTTPSConnector.java:128)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:936)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:325)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:110)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:132)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:537)
> at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:208)
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor$StartRecursiveInvoke.invoke(ProxyMethodInterceptor.java:365)
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at
> org.apache.geronimo.jetty.JettyWebConnector$$EnhancerByCGLIB$$e76cef7.startRecursive(<generated>)
> at
> org.apache.geronimo.console.webmanager.ConnectorPortlet.processAction(ConnectorPortlet.java:143)
> at org.apache.pluto.core.PortletServlet.dispatch(PortletServlet.java:229)
> at org.apache.pluto.core.PortletServlet.doGet(PortletServlet.java:158)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
> at org.apache.pluto.core.PortletServlet.service(PortletServlet.java:153)
> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
> at
> org.apache.geronimo.jetty.JettyServletHolder.handle(JettyServletHolder.java:99)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
> at org.mortbay.jetty.servlet.JSR154Filter.doFilter(JSR154Filter.java:170)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
> at org.mortbay.jetty.servlet.Dispatcher.dispatch(Dispatcher.java:283)
> at org.mortbay.jetty.servlet.Dispatcher.include(Dispatcher.java:163)
> at
> org.apache.pluto.invoker.impl.PortletInvokerImpl.invoke(PortletInvokerImpl.java:120)
> at
> org.apache.pluto.invoker.impl.PortletInvokerImpl.action(PortletInvokerImpl.java:68)
> at
> org.apache.pluto.PortletContainerImpl.processPortletAction(PortletContainerImpl.java:164)
> at
> org.apache.pluto.portalImpl.core.PortletContainerWrapperImpl.processPortletAction(PortletContainerWrapperImpl.java:82)
> at org.apache.pluto.portalImpl.Servlet.doGet(Servlet.java:227)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
> at
> org.apache.geronimo.jetty.JettyServletHolder.handle(JettyServletHolder.java:99)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
> at org.mortbay.jetty.servlet.JSR154Filter.doFilter(JSR154Filter.java:170)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
> at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
> at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
> at org.mortbay.http.HttpServer.service(HttpServer.java:909)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
