Hi Omindu, Thank you. I change the both password and key password to the same value and the Issues is fixed.
Thanks and Best Regards. Kamidu Sachith Punchihewa *Software Engineer* WSO2, Inc. lean . enterprise . middleware Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> Disclaimer: This communication may contain privileged or other confidential information and is intended exclusively for the addressee/s. If you are not the intended recipient/s, or believe that you may have received this communication in error, please reply to the sender indicating that fact and delete the copy you received and in addition, you should not print, copy, retransmit, disseminate, or otherwise use the information contained in this communication. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. On Tue, Apr 26, 2016 at 11:37 AM, Omindu Rathnaweera <[email protected]> wrote: > Hi Kamindu, > > This can happen when the keystore and the private key password are not the > same (see [1]). Can you try changing the private key password to match the > keystore password and check? You can follow [2] to change the private key > password. > > [1] - https://wso2.org/jira/browse/CARBON-14975 > [2] - > http://xacmlinfo.org/2014/05/26/how-to-keystore-changing-java-key-store-passwords/ > > Regards, > Omindu. > > On Tue, Apr 26, 2016 at 10:57 AM, Kamidu Punchihewa <[email protected]> > wrote: > >> Hi Tharindu, >> >> I debugged the mentioned class and checked the runtime values for the two >> variables below as suggested: >> >> - keystorePath >> - keystorePassword >> >> For both the variables the correct values were assigned at runtime. The >> correct key store was assigned to the variables along with the new password >> provided. >> Any idea why the above mentioned error occurred even when the correct >> password is provided? >> >> Thanks and Best Regards, >> >> Kamidu Sachith Punchihewa >> *Software Engineer* >> WSO2, Inc. >> lean . enterprise . middleware >> Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> >> >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. >> If you are not the intended recipient/s, or believe that you may have >> received this communication in error, please reply to the sender indicating >> that fact and delete the copy you received and in addition, you should not >> print, copy, retransmit, disseminate, or otherwise use the information >> contained in this communication. Internet communications cannot be >> guaranteed to be timely, secure, error or virus-free. The sender does not >> accept liability for any errors or omissions. >> >> On Mon, Apr 25, 2016 at 7:04 PM, Tharindu Edirisinghe <[email protected] >> > wrote: >> >>> Hi Kamidu, >>> >>> If you have correctly set the new password in identity.xml file's >>> *EntitlementSettings*, can you remote debug the >>> *org.wso2.carbon.identity.entitlement* 's *4.2.2 *version to find out >>> the actual cause. >>> >>> The particular class is >>> >>> >>> *src/main/java/org/wso2/carbon/identity/entitlement/internal/EntitlementServiceComponent.java* >>> You may need to check the values read for following variables in the >>> class. >>> >>> //read the keystore and password used for ssl >>> communication from config >>> String keystorePath = IdentityUtil.getProperty( >>> ThriftConfigConstants.PARAM_KEYSTORE_LOCATION); >>> String keystorePassword = IdentityUtil.getProperty( >>> ThriftConfigConstants.PARAM_KEYSTORE_PASSWORD); >>> >>> Regards, >>> TharinduE >>> >>> On Mon, Apr 25, 2016 at 5:56 PM, Kamidu Punchihewa <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> I have a IS 5.0.0 SP1 pack and i have change the default password of >>>> the key store and changed the following config files accordingly. >>>> >>>> - <CARBON_HOME>/repository/conf/identity.xml. >>>> - <CARBON_HOME>/repository/conf/carbon.xml >>>> - <CARBON_HOME>/repository/conf/axis2/axis2.xml >>>> - <CARBON_HOME>/repository/conf/security/cipher-tool.properties >>>> - <CARBON_HOME>/repository/conf/security/secret-conf.properties >>>> - <CARBON_HOME>/repository/conf/security/cipher-text.properties >>>> - >>>> >>>> <CARBON_HOME>/repository/deployment/server/jaggeryapps/dashboard/authentication/auth_config.json >>>> - >>>> >>>> <CARBON_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/classes/TenantConfig.properties >>>> >>>> At Server startup the following error occurred. >>>> Is there are any more changes to be done? >>>> >>>> *Error Log :* >>>> >>>> [2016-04-25 17:51:39,207] ERROR >>>> {org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent} >>>> - Error in initializing thrift transport >>>> org.apache.thrift.transport.TTransportException: Error creating the >>>> transport >>>> at >>>> org.apache.thrift.transport.TSSLTransportFactory.createSSLContext(TSSLTransportFactory.java:201) >>>> at >>>> org.apache.thrift.transport.TSSLTransportFactory.getServerSocket(TSSLTransportFactory.java:102) >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftEntitlementService(EntitlementServiceComponent.java:329) >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftServices(EntitlementServiceComponent.java:300) >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.activate(EntitlementServiceComponent.java:162) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>>> at >>>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>>> at >>>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451) >>>> at >>>> org.wso2.carbon.identity.thrift.authentication.internal.ThriftAuthenticationServiceComponent.activate(ThriftAuthenticationServiceComponent.java:69) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>>> at >>>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>>> at >>>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40) >>>> at >>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38) >>>> at >>>> org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267) >>>> at >>>> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186) >>>> at >>>> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081) >>>> at >>>> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027) >>>> at >>>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314) >>>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) >>>> at >>>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) >>>> at >>>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) >>>> at java.util.concurrent.FutureTask.run(FutureTask.java:262) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>> at java.lang.Thread.run(Thread.java:745) >>>> Caused by: java.security.UnrecoverableKeyException: Cannot recover key >>>> at sun.security.provider.KeyProtector.recover(KeyProtector.java:328) >>>> at >>>> sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138) >>>> at >>>> sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55) >>>> at java.security.KeyStore.getKey(KeyStore.java:804) >>>> at >>>> sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:131) >>>> at >>>> sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68) >>>> at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259) >>>> at >>>> org.apache.thrift.transport.TSSLTransportFactory.createSSLContext(TSSLTransportFactory.java:187) >>>> ... 62 more >>>> [2016-04-25 17:51:39,210] ERROR >>>> {org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent} >>>> - Failed to initialize Entitlement Service >>>> java.lang.Exception: Error in initializing thrift transport >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftEntitlementService(EntitlementServiceComponent.java:356) >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.startThriftServices(EntitlementServiceComponent.java:300) >>>> at >>>> org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent.activate(EntitlementServiceComponent.java:162) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>>> at >>>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>>> at >>>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451) >>>> at >>>> org.wso2.carbon.identity.thrift.authentication.internal.ThriftAuthenticationServiceComponent.activate(ThriftAuthenticationServiceComponent.java:69) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:606) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146) >>>> at >>>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620) >>>> at >>>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197) >>>> at >>>> org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343) >>>> at >>>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) >>>> at >>>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) >>>> at >>>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214) >>>> at >>>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60) >>>> at >>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40) >>>> at >>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38) >>>> at >>>> org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267) >>>> at >>>> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186) >>>> at >>>> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081) >>>> at >>>> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027) >>>> at >>>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314) >>>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) >>>> at >>>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559) >>>> at >>>> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549) >>>> at java.util.concurrent.FutureTask.run(FutureTask.java:262) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>> at java.lang.Thread.run(Thread.java:745) >>>> >>>> Thanks and Best Regards, >>>> >>>> Kamidu Sachith Punchihewa >>>> *Software Engineer* >>>> WSO2, Inc. >>>> lean . enterprise . middleware >>>> Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> >>>> >>>> >>>> Disclaimer: This communication may contain privileged or other >>>> confidential information and is intended exclusively for the addressee/s. >>>> If you are not the intended recipient/s, or believe that you may have >>>> received this communication in error, please reply to the sender indicating >>>> that fact and delete the copy you received and in addition, you should not >>>> print, copy, retransmit, disseminate, or otherwise use the information >>>> contained in this communication. Internet communications cannot be >>>> guaranteed to be timely, secure, error or virus-free. The sender does not >>>> accept liability for any errors or omissions. >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> >>> Tharindu Edirisinghe >>> Software Engineer | WSO2 Inc >>> Platform Security Team >>> Blog : tharindue.blogspot.com >>> mobile : +94 775181586 >>> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Omindu Rathnaweera > Software Engineer, WSO2 Inc. > Mobile: +94 771 197 211 >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
