I have run QPID Broker-J 9.0 on openjdk17 for mac as well as temurin17 for
linux. in both when i try to AutoGenerate a keystore with self signed cert
i get the following error:
org.apache.qpid.server.configuration.IllegalConfigurationException:
Unable to construct keystore
at
org.apache.qpid.server.security.AutoGeneratedSelfSignedKeyStoreImpl.generatePrivateKeyAndCertificate(AutoGeneratedSelfSignedKeyStoreImpl.java:296)
at
org.apache.qpid.server.security.AutoGeneratedSelfSignedKeyStoreImpl.postResolve(AutoGeneratedSelfSignedKeyStoreImpl.java:169)
...
Caused by: java.lang.IllegalAccessException: class
org.apache.qpid.server.transport.network.security.ssl.SSLUtil cannot
access class sun.security.tools.keytool.CertAndKeyGen (in module
java.base) because module java.base does not export
sun.security.tools.keytool to unnamed module @6b37576e
at
java.base/jdk.internal.reflect.Reflection.newIllegalAccessException(Unknown
Source)
at java.base/java.lang.reflect.AccessibleObject.checkAccess(Unknown Source)
...
now i think i can start java with some flags to make some necessary
classes available however i feel like this behavior is likely
unintended.
should users of Broker-J be expected to add runtime arguments to their
java process to generate the keystore? or is there some other config I
need for this to work? or is this an issue i should log in Jira?
in Java11 this works great.
