Josh Elser created ACCUMULO-4689:
------------------------------------
Summary: If keyStoreType and trustStoreType are not provided for
monitor SSL, monitor fails obtusely
Key: ACCUMULO-4689
URL: https://issues.apache.org/jira/browse/ACCUMULO-4689
Project: Accumulo
Issue Type: Bug
Reporter: Josh Elser
Assignee: Josh Elser
Fix For: 1.7.4, 1.8.2, 2.0.0
I ran {{./bin/generate_monitor_certificate.sh}} and copied the content to
accumulo-site.xml as instructed. I saw this error when starting the monitor:
{noformat}
2017-07-28 16:02:22,844 [handler.ContextHandler] INFO : Started
o.e.j.s.ServletContextHandler@67d82dcd{/,null,AVAILABLE}
2017-07-28 16:02:22,937 [component.AbstractLifeCycle] WARN : FAILED
SslContextFactory@771c3cb6(/Users/jelser/projects/accumulo.git/assemble/target/accumulo-1.7.4-SNAPSHOT/conf/keystore.jks,/Users/jelser/projects/accumulo.git/assemble/target/accumulo-1.7.4-SNAPSHOT/conf/cacerts.jks):
java.security.KeyStoreException: not found
at java.security.KeyStore.getInstance(KeyStore.java:851)
at
org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
at
org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:864)
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:270)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:125)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:107)
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:125)
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:107)
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:260)
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:218)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:337)
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at
org.apache.accumulo.monitor.EmbeddedWebServer.start(EmbeddedWebServer.java:116)
at org.apache.accumulo.monitor.Monitor.run(Monitor.java:482)
at org.apache.accumulo.monitor.Monitor.main(Monitor.java:438)
at
org.apache.accumulo.monitor.MonitorExecutable.execute(MonitorExecutable.java:33)
at org.apache.accumulo.start.Main$1.run(Main.java:120)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.NoSuchAlgorithmException: KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.KeyStore.getInstance(KeyStore.java:848)
... 22 more
{noformat}
It appears that the JKS type is required to be specified. It would be nice to
fail "better", but at a minimum we should include that in the output generated
by the script.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
