modcluster unable to locate keystore file
tchan-mb-ehealth Mar 11, 2013 5:38 PMI understand someone already posted a similar issue in this forum https://community.jboss.org/thread/176677 but I still couldn't get mine working. I would appreciate if someone can shed some light on this issue.
I'm running RHEL 6.4, JBoss-as.7.1.1.Final, and JDK 1.7 .0_15. The following is my modcluster configuation in the domain.xml. I already double-checked my keystore with the keytool command. I sudo to the "jboss" user and I can open up the keystore with the password.
<subsystem xmlns="urn:jboss:domain:modcluster:1.0">
<mod-cluster-config advertise-socket="modcluster" proxy-list="172.x.x.x:6666" balancer="myjbosscluster" advertise="false">
<ssl key-alias="jboss-as" certificate-key-file="/opt/jboss-as-7.1.1.Final/domain/configuration/jboss-as-keystore.jks" ca-certificate-file="/opt/jboss-as-7.1.1.Final/domain/configuration/jboss-as-keystore.jks" password="password"/>
<dynamic-load-provider>
<load-metric type="busyness"/>
</dynamic-load-provider>
</mod-cluster-config>
</subsystem>
Here's the exception stack:
[Server:master-server-test] 16:10:29,441 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-3) MSC00001: Failed to start service jboss.mod-cluster: org.jboss.msc.service.StartException in service jboss.mod-cluster: Failed to start service
[Server:master-server-test] at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1767) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_15]
[Server:master-server-test] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_15]
[Server:master-server-test] at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_15]
[Server:master-server-test] Caused by: java.lang.IllegalStateException: java.io.FileNotFoundException: /home/jboss/.keystore (No such file or directory)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:113)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:747)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:183)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.init(DefaultMCMPHandler.java:139)
[Server:master-server-test] at org.jboss.modcluster.ModClusterService.init(ModClusterService.java:146)
[Server:master-server-test] at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.init(CatalinaEventHandlerAdapter.java:258)
[Server:master-server-test] at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.start(CatalinaEventHandlerAdapter.java:99)
[Server:master-server-test] at org.jboss.as.modcluster.ModClusterService.start(ModClusterService.java:243)
[Server:master-server-test] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test] at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test] ... 3 more
[Server:master-server-test] Caused by: java.io.FileNotFoundException: /home/jboss/.keystore (No such file or directory)
[Server:master-server-test] at java.io.FileInputStream.open(Native Method) [rt.jar:1.7.0_15]
[Server:master-server-test] at java.io.FileInputStream.<init>(FileInputStream.java:138) [rt.jar:1.7.0_15]
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getStore(JSSESocketFactory.java:253)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeystore(JSSESocketFactory.java:208)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:280)
[Server:master-server-test] at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:98)
[Server:master-server-test] ... 12 more
[Server:master-server-test]
I checked the jboss-as-mod-cluster_1_0.xsd, and the following quote shows the definition of the attribute. Even though I specified an absolute path for the keystore file, and the file is also owned by the same user who runs Jboss, strangely Jboss keeps looking at the /home/jboss/.keystore file instead. I even tried to create the ".keystore" file under "/home/jboss", but then Jboss complaint about the password being invalid or tempered.
<xs:attribute name="certificate-key-file" type="xs:string" use="optional" default="${user.home}/.keystore">
<xs:annotation>
<xs:documentation>
sslKeyStore: That is the keystore name here.
</xs:documentation>
</xs:annotation>
</xs:attribute>
Any ideas on this issue?