[ 
https://issues.apache.org/jira/browse/JAMES-3206?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17130130#comment-17130130
 ] 

Ioan Eugen Stan commented on JAMES-3206:
----------------------------------------

I believe this has more to do with how keystores work than with James.

However, Java keystores are a nuisance. If I remember correctly, you have a 
password for the keystore and a password for the key. So you should have both 
of them supplied or have one without a password.

 

I plan to put an nginx proxy in front of James and use that for SSL 
termination. The reason is that I would like to use Let's Encrypt certificates 
with auto renewal. I don't know how Java keystore auto renewal will work.

> Keystore Exception when running the "Basic" Server
> --------------------------------------------------
>
>                 Key: JAMES-3206
>                 URL: https://issues.apache.org/jira/browse/JAMES-3206
>             Project: James Server
>          Issue Type: Bug
>            Reporter: David Leangen
>            Priority: Blocker
>
> When attempting to run the "Basic" server (jpa-guice) out-of-the-box, I am 
> unable to get the server running due to a password exception:
> {code:java}
> 12:13:26.044 [ERROR] o.a.j.GuiceJamesServer - Fatal error while starting James
> java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: java.lang.IllegalStateException: password has been cleared
>  ... 32 common frames omitted
> Wrapped by: java.io.IOException: keystore password was incorrect
>  at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source)
>  at java.base/sun.security.util.KeyStoreDelegator.engineLoad(Unknown Source)
>  at java.base/java.security.KeyStore.load(Unknown Source)
>  at org.apache.james.protocols.lib.netty.AbstractConfigurableAsyncServer.buildSSLContext(AbstractConfigurableAsyncServer.java:396)
>  at org.apache.james.protocols.lib.netty.AbstractConfigurableAsyncServer.init(AbstractConfigurableAsyncServer.java:264)
>  at org.apache.james.protocols.lib.netty.AbstractServerFactory.init(AbstractServerFactory.java:58)
>  at org.apache.james.modules.protocols.IMAPServerModule.lambda$configureImap$0(IMAPServerModule.java:93)
>  at org.apache.james.utils.InitilizationOperationBuilder$PrivateImpl.initModule(InitilizationOperationBuilder.java:52)
>  at com.github.fge.lambdas.consumers.ConsumerChainer.lambda$sneakyThrow$9(ConsumerChainer.java:73)
>  at java.base/java.util.stream.ReferencePipeline$11$1.accept(Unknown Source)
>  at java.base/java.util.stream.DistinctOps$1$2.accept(Unknown Source)
>  at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(Unknown Source)
>  at java.base/java.util.stream.ReferencePipeline$2$1.accept(Unknown Source)
>  at java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
>  at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(Unknown Source)
>  at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
>  at java.base/java.util.stream.ReferencePipeline.forEach(Unknown Source)
>  at java.base/java.util.stream.ReferencePipeline$7$1.accept(Unknown Source)
>  at java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
>  at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(Unknown Source)
>  at java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
>  at java.base/java.util.stream.ReferencePipeline.collect(Unknown Source)
>  at org.apache.james.utils.InitializationOperations.processConfigurables(InitializationOperations.java:53)
>  at org.apache.james.utils.InitializationOperations.initModules(InitializationOperations.java:43)
>  at org.apache.james.GuiceJamesServer.start(GuiceJamesServer.java:93)
>  at org.apache.james.JamesServerMain.main(JamesServerMain.java:24)
>  at org.apache.james.JPAJamesServerMain.main(JPAJamesServerMain.java:105)
> 12:14:23.287 [ERROR] o.a.j.PeriodicalHealthChecks - UNHEALTHY: Guice application lifecycle : James server is not started.
> {code}
> I opened a session into the Docker container to test the keystore. It exists 
> in the conf directory and works as intended with the default password.
> So I do not know why this exception occurs and the server does not start. :(
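
The two-password layout mentioned in the comment above, as an added diagnostic example (not part of the original thread and not James code): it loads a keystore with the store password, then recovers each private key with the key password, and reports which of the two steps fails. The class name `KeystoreCheck` and the environment variable names `KS_STORE_PASS` and `KS_KEY_PASS` are assumptions of this example.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Collections;

/** Tells a wrong store password apart from a wrong key password. */
public class KeystoreCheck {

    enum Result { OK, BAD_STORE_PASSWORD, BAD_KEY_PASSWORD, UNREADABLE }

    static Result check(String path, String type, char[] storePass, char[] keyPass) {
        KeyStore ks;
        try (InputStream in = new FileInputStream(path)) {
            ks = KeyStore.getInstance(type);   // e.g. "PKCS12" or "JKS"
            ks.load(in, storePass);            // step 1: open the store itself
        } catch (IOException e) {
            // KeyStore.load reports a wrong password as an IOException whose
            // cause is an UnrecoverableKeyException (as in the trace above).
            return e.getCause() instanceof UnrecoverableKeyException
                    ? Result.BAD_STORE_PASSWORD : Result.UNREADABLE;
        } catch (GeneralSecurityException e) {
            return Result.UNREADABLE;
        }
        try {
            for (String alias : Collections.list(ks.aliases())) {
                if (ks.isKeyEntry(alias)) {
                    ks.getKey(alias, keyPass); // step 2: recover each private key
                }
            }
        } catch (UnrecoverableKeyException e) {
            return Result.BAD_KEY_PASSWORD;
        } catch (GeneralSecurityException e) {
            return Result.UNREADABLE;
        }
        return Result.OK;
    }

    public static void main(String[] args) {
        // Passwords are read from the environment so they stay out of the process list.
        String sp = System.getenv("KS_STORE_PASS");
        String kp = System.getenv("KS_KEY_PASS");
        if (args.length != 2 || sp == null) {
            System.err.println("usage: KS_STORE_PASS=... [KS_KEY_PASS=...] java KeystoreCheck <path> <type>");
            System.exit(2);
        }
        char[] store = sp.toCharArray();
        System.out.println(check(args[0], args[1], store, kp != null ? kp.toCharArray() : store));
    }
}
```

When `KS_KEY_PASS` is unset, the store password is reused for the keys.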


