[ https://issues.apache.org/jira/browse/GEODE-9394?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
John Blum updated GEODE-9394: ----------------------------- Summary: Apache Geode does not properly cleanup its SSL context between runs (was: Apache Geode does not properly cleanup it's SSL context between runs) > Apache Geode does not properly cleanup its SSL context between runs > ------------------------------------------------------------------- > > Key: GEODE-9394 > URL: https://issues.apache.org/jira/browse/GEODE-9394 > Project: Geode > Issue Type: Bug > Components: security > Reporter: John Blum > Priority: Critical > > Because Geode internally uses may statics to maintain state and to pass > configuration between components in a non-Object Oriented fashion, I believe > stale SSL configuration is being retained between Geode instance runs, > leading to Exceptions thrown of the following nature: > {code} > Caused by: org.apache.geode.GemFireConfigException: Error configuring GemFire > ssl > at > org.apache.geode.internal.net.SocketCreator.initialize(SocketCreator.java:249) > at > org.apache.geode.internal.net.SocketCreator.<init>(SocketCreator.java:180) > at > org.apache.geode.internal.net.SocketCreatorFactory.createSSLSocketCreator(SocketCreatorFactory.java:114) > at > org.apache.geode.internal.net.SocketCreatorFactory.getSSLSocketCreator(SocketCreatorFactory.java:88) > at > org.apache.geode.internal.net.SocketCreatorFactory.getOrCreateSocketCreatorForSSLEnabledComponent(SocketCreatorFactory.java:104) > at > org.apache.geode.internal.net.SocketCreatorFactory.getSocketCreatorForComponent(SocketCreatorFactory.java:74) > at > org.apache.geode.cache.client.internal.ConnectionFactoryImpl.<init>(ConnectionFactoryImpl.java:84) > at > org.apache.geode.cache.client.internal.PoolImpl.<init>(PoolImpl.java:261) > at > org.apache.geode.cache.client.internal.PoolImpl.create(PoolImpl.java:161) > at > org.apache.geode.internal.cache.PoolFactoryImpl.create(PoolFactoryImpl.java:374) > at > org.apache.geode.internal.cache.GemFireCacheImpl.determineDefaultPool(GemFireCacheImpl.java:2835) > at > org.apache.geode.internal.cache.GemFireCacheImpl.getDefaultPool(GemFireCacheImpl.java:1321) > at > org.apache.geode.cache.client.internal.ClientRegionFactoryImpl.getDefaultPool(ClientRegionFactoryImpl.java:101) > at > org.apache.geode.cache.client.internal.ClientRegionFactoryImpl.createRegionAttributes(ClientRegionFactoryImpl.java:249) > at > org.apache.geode.cache.client.internal.ClientRegionFactoryImpl.create(ClientRegionFactoryImpl.java:232) > at > org.springframework.data.gemfire.client.ClientRegionFactoryBean.newRegion(ClientRegionFactoryBean.java:193) > at > org.springframework.data.gemfire.client.ClientRegionFactoryBean.createRegion(ClientRegionFactoryBean.java:164) > at > org.springframework.data.gemfire.ResolvableRegionFactoryBean.afterPropertiesSet(ResolvableRegionFactoryBean.java:96) > at > org.springframework.data.gemfire.config.annotation.support.CacheTypeAwareRegionFactoryBean.newClientRegion(CacheTypeAwareRegionFactoryBean.java:181) > at > org.springframework.data.gemfire.config.annotation.support.CacheTypeAwareRegionFactoryBean.createRegion(CacheTypeAwareRegionFactoryBean.java:141) > at > org.springframework.data.gemfire.ResolvableRegionFactoryBean.afterPropertiesSet(ResolvableRegionFactoryBean.java:96) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1858) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1795) > ... 69 more > Caused by: java.security.UnrecoverableKeyException: Password must not be null > at > sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:134) > at > sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:57) > at > sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96) > at > sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:71) > at java.security.KeyStore.getKey(KeyStore.java:1023) > at > sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:145) > at > sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70) > at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256) > at > org.apache.geode.internal.net.SocketCreator.getKeyManagers(SocketCreator.java:422) > at > org.apache.geode.internal.net.SocketCreator.createAndConfigureSSLContext(SocketCreator.java:292) > at > org.apache.geode.internal.net.SocketCreator.initialize(SocketCreator.java:246) > ... 91 more > {code} > In the StackTrace above, SSL was not even configured between the Geode client > and server even though Geode thinks it was. -- This message was sent by Atlassian Jira (v8.3.4#803005)