[Dev] Issue when using secure vault with ESB 4.9.0

Thu, 30 Jul 2015 08:35:06 -0700 

Hi Niranjan,

I followed below steps to secure passwords in axis2.xml keystores with ESB
4.9.0-BETA-SNAPSHOT built with cipher tool 1.0.0-wso2v3.

1. Added axis2 configuration entries to cipher-tool.properties file.

Axis2.Https.Listener.TrustStore.Password=repository/conf/axis2/axis2.xml//axisconfig/transportReceiver[@name='https']/parameter[@name='truststore']/TrustStore/Password,false
Axis2.Https.Listener.KeyStore.Password=repository/conf/axis2/axis2.xml//axisconfig/transportReceiver[@name='https']/parameter[@name='keystore']/KeyStore/Password,false

2. Executed cipher text configuration command ./ciphertool.sh -Dconfigure.
It updated axis2.xml with given aliases.

<parameter locked="false" name="truststore">

            <TrustStore>


<Location>repository/resources/security/client-truststore.jks</Location>

                <Type>JKS</Type>

                <Password
svns:secretAlias="Axis2.Https.Listener.TrustStore.Password">password</Password>

            </TrustStore>
        </parameter>

3. But encrypted keys updated in cipher-text.properties file only for
existing entries. Not for the new axis2 entries configured above.
4. Also ESB gives error "java.io.IOException: Keystore was tampered with,
or password was incorrect" at startup.

Is there any missing in my procedure?

Also I experienced below error when running integration tests in ESB 4.9.0
with kernel 4.4.1 RC1. It did not occur with kernel 4.4.0. Would it be due
to any missing information in catalina-server.xml?

INFO  [org.wso2.carbon.integration.common.extensions.utils.ServerLogReader]
- org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference
a node in a context where it does not exist.
INFO  [org.wso2.carbon.integration.common.extensions.utils.ServerLogReader]
- at org.apache.xerces.dom.AttributeMap.internalRemoveNamedItem(Unknown
Source)
INFO  [org.wso2.carbon.integration.common.extensions.utils.ServerLogReader]
- at org.apache.xerces.dom.AttributeMap.removeNamedItem(Unknown Source)
INFO  [org.wso2.carbon.integration.common.extensions.utils.ServerLogReader]
- at
org.wso2.carbon.tomcat.internal.ServerManager.init(ServerManager.java:85)


Thanks.
-- 
Jagath Ariyarathne
Technical Lead
WSO2 Inc.  http://wso2.com/
Email: [email protected]
Mob  : +94 77 386 7048

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to