Hi Kamindu, This can happen when the keystore and the private key password are not the same (see [1]). Can you try changing the private key password to match the keystore password and check? You can follow [2] to change the private key password.
[1] - https://wso2.org/jira/browse/CARBON-14975 [2] - http://xacmlinfo.org/2014/05/26/how-to-keystore-changing-java-key-store-passwords/ Regards, Omindu. On Tue, Apr 26, 2016 at 10:57 AM, Kamidu Punchihewa <[email protected]> wrote: > Hi Tharindu, > > I debugged the mentioned class and checked the runtime values for the two > variables below as suggested: > > - keystorePath > - keystorePassword > > For both the variables the correct values were assigned at runtime. The > correct key store was assigned to the variables along with the new password > provided. > Any idea why the above mentioned error occurred even when the correct > password is provided? > > Thanks and Best Regards, > > Kamidu Sachith Punchihewa > *Software Engineer* > WSO2, Inc. > lean . enterprise . middleware > Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> > > > Disclaimer: This communication may contain privileged or other > confidential information and is intended exclusively for the addressee/s. > If you are not the intended recipient/s, or believe that you may have > received this communication in error, please reply to the sender indicating > that fact and delete the copy you received and in addition, you should not > print, copy, retransmit, disseminate, or otherwise use the information > contained in this communication. Internet communications cannot be > guaranteed to be timely, secure, error or virus-free. The sender does not > accept liability for any errors or omissions. > > On Mon, Apr 25, 2016 at 7:04 PM, Tharindu Edirisinghe <[email protected]> > wrote: > >> Hi Kamidu, >> >> If you have correctly set the new password in identity.xml file's >> *EntitlementSettings*, can you remote debug the >> *org.wso2.carbon.identity.entitlement* 's *4.2.2 *version to find out >> the actual cause. >> >> The particular class is >> >> >> *src/main/java/org/wso2/carbon/identity/entitlement/internal/EntitlementServiceComponent.java* >> You may need to check the values read for following variables in the >> class. >> >> //read the keystore and password used for ssl >> communication from config >> String keystorePath = IdentityUtil.getProperty( >> ThriftConfigConstants.PARAM_KEYSTORE_LOCATION); >> String keystorePassword = IdentityUtil.getProperty( >> ThriftConfigConstants.PARAM_KEYSTORE_PASSWORD); >> >> Regards, >> TharinduE >> >> On Mon, Apr 25, 2016 at 5:56 PM, Kamidu Punchihewa <[email protected]> >> wrote: >> >>> Hi, >>> >>> I have a IS 5.0.0 SP1 pack and i have change the default password of the >>> key store and changed the following config files accordingly. >>> >>> - <CARBON_HOME>/repository/conf/identity.xml. >>> - <CARBON_HOME>/repository/conf/carbon.xml >>> - <CARBON_HOME>/repository/conf/axis2/axis2.xml >>> - <CARBON_HOME>/repository/conf/security/cipher-tool.properties >>> - <CARBON_HOME>/repository/conf/security/secret-conf.properties >>> - <CARBON_HOME>/repository/conf/security/cipher-text.properties >>> - >>> >>> <CARBON_HOME>/repository/deployment/server/jaggeryapps/dashboard/authentication/auth_config.json >>> - >>> >>> <CARBON_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/classes/TenantConfig.properties >>> >>> At Server startup the following error occurred. >>> Is there are any more changes to be done? >>> >>> *Error Log :* >>> >>> [2016-04-25 17:51:39,207] ERROR >>> {org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent} >>> - Error in initializing thrift transport >>> org.apache.thrift.transport.TTransportException: Error creating the >>> transport >>> at >>> org.apache.thrift.transport.TSSLTransportFactory.createSSLContext(TSSLTransportFactory.java:201) >>> at >>> org.apache.thrift.transport.TSSLTransportFactory.getServerSocket(TSSLTransportFactory.java:102) >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftEntitlementService(EntitlementServiceComponent.java:329) >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftServices(EntitlementServiceComponent.java:300) >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.activate(EntitlementServiceComponent.java:162) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:606) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>> at >>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>> at >>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>> at >>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>> at >>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>> at >>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451) >>> at >>> org.wso2.carbon.identity.thrift.authentication.internal.ThriftAuthenticationServiceComponent.activate(ThriftAuthenticationServiceComponent.java:69) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:606) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>> at >>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>> at >>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>> at >>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>> at >>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>> at >>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>> at >>> org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81) >>> at >>> org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60) >>> at >>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40) >>> at >>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38) >>> at >>> org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267) >>> at >>> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186) >>> at >>> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081) >>> at >>> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027) >>> at >>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314) >>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) >>> at >>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) >>> at >>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) >>> at java.util.concurrent.FutureTask.run(FutureTask.java:262) >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>> at java.lang.Thread.run(Thread.java:745) >>> Caused by: java.security.UnrecoverableKeyException: Cannot recover key >>> at sun.security.provider.KeyProtector.recover(KeyProtector.java:328) >>> at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138) >>> at >>> sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55) >>> at java.security.KeyStore.getKey(KeyStore.java:804) >>> at >>> sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:131) >>> at >>> sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68) >>> at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259) >>> at >>> org.apache.thrift.transport.TSSLTransportFactory.createSSLContext(TSSLTransportFactory.java:187) >>> ... 62 more >>> [2016-04-25 17:51:39,210] ERROR >>> {org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent} >>> - Failed to initialize Entitlement Service >>> java.lang.Exception: Error in initializing thrift transport >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftEntitlementService(EntitlementServiceComponent.java:356) >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftServices(EntitlementServiceComponent.java:300) >>> at >>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.activate(EntitlementServiceComponent.java:162) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:606) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>> at >>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>> at >>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>> at >>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>> at >>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>> at >>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451) >>> at >>> org.wso2.carbon.identity.thrift.authentication.internal.ThriftAuthenticationServiceComponent.activate(ThriftAuthenticationServiceComponent.java:69) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:606) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>> at >>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>> at >>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>> at >>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>> at >>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>> at >>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>> at >>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>> at >>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>> at >>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>> at >>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>> at >>> org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81) >>> at >>> org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60) >>> at >>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40) >>> at >>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38) >>> at >>> org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267) >>> at >>> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186) >>> at >>> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081) >>> at >>> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027) >>> at >>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314) >>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) >>> at >>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) >>> at >>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) >>> at java.util.concurrent.FutureTask.run(FutureTask.java:262) >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>> at java.lang.Thread.run(Thread.java:745) >>> >>> Thanks and Best Regards, >>> >>> Kamidu Sachith Punchihewa >>> *Software Engineer* >>> WSO2, Inc. >>> lean . enterprise . middleware >>> Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> >>> >>> >>> Disclaimer: This communication may contain privileged or other >>> confidential information and is intended exclusively for the addressee/s. >>> If you are not the intended recipient/s, or believe that you may have >>> received this communication in error, please reply to the sender indicating >>> that fact and delete the copy you received and in addition, you should not >>> print, copy, retransmit, disseminate, or otherwise use the information >>> contained in this communication. Internet communications cannot be >>> guaranteed to be timely, secure, error or virus-free. The sender does not >>> accept liability for any errors or omissions. >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> Tharindu Edirisinghe >> Software Engineer | WSO2 Inc >> Platform Security Team >> Blog : tharindue.blogspot.com >> mobile : +94 775181586 >> > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Omindu Rathnaweera Software Engineer, WSO2 Inc. Mobile: +94 771 197 211
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
