3 Replies Latest reply on Mar 12, 2013 10:06 AM by tchan-mb-ehealth

modcluster unable to locate keystore file

tchan-mb-ehealth Mar 11, 2013 5:38 PM

I understand someone already posted a similar issue in this forum https://community.jboss.org/thread/176677 but I still couldn't get mine working. I would appreciate if someone can shed some light on this issue.

I'm running RHEL 6.4, JBoss-as.7.1.1.Final, and JDK 1.7 .0_15. The following is my modcluster configuation in the domain.xml. I already double-checked my keystore with the keytool command. I sudo to the "jboss" user and I can open up the keystore with the password.

<subsystem xmlns="urn:jboss:domain:modcluster:1.0">
                <mod-cluster-config advertise-socket="modcluster" proxy-list="172.x.x.x:6666" balancer="myjbosscluster" advertise="false">
                    <ssl key-alias="jboss-as" certificate-key-file="/opt/jboss-as-7.1.1.Final/domain/configuration/jboss-as-keystore.jks" ca-certificate-file="/opt/jboss-as-7.1.1.Final/domain/configuration/jboss-as-keystore.jks" password="password"/>
                    <dynamic-load-provider>
                        <load-metric type="busyness"/>
                    </dynamic-load-provider>
                </mod-cluster-config>
</subsystem>

Here's the exception stack:

[Server:master-server-test] 16:10:29,441 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-3) MSC00001: Failed to start service jboss.mod-cluster: org.jboss.msc.service.StartException in service jboss.mod-cluster: Failed to start service
[Server:master-server-test]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1767) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test]           at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_15]
[Server:master-server-test]           at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_15]
[Server:master-server-test]           at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_15]
[Server:master-server-test] Caused by: java.lang.IllegalStateException: java.io.FileNotFoundException: /home/jboss/.keystore (No such file or directory)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:113)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:747)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:183)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.init(DefaultMCMPHandler.java:139)
[Server:master-server-test]           at org.jboss.modcluster.ModClusterService.init(ModClusterService.java:146)
[Server:master-server-test]           at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.init(CatalinaEventHandlerAdapter.java:258)
[Server:master-server-test]           at org.jboss.modcluster.container.catalina.CatalinaEventHandlerAdapter.start(CatalinaEventHandlerAdapter.java:99)
[Server:master-server-test]           at org.jboss.as.modcluster.ModClusterService.start(ModClusterService.java:243)
[Server:master-server-test]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
[Server:master-server-test]           ... 3 more
[Server:master-server-test] Caused by: java.io.FileNotFoundException: /home/jboss/.keystore (No such file or directory)
[Server:master-server-test]           at java.io.FileInputStream.open(Native Method) [rt.jar:1.7.0_15]
[Server:master-server-test]           at java.io.FileInputStream.<init>(FileInputStream.java:138) [rt.jar:1.7.0_15]
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getStore(JSSESocketFactory.java:253)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeystore(JSSESocketFactory.java:208)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:280)
[Server:master-server-test]           at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:98)
[Server:master-server-test]           ... 12 more
[Server:master-server-test]

I checked the jboss-as-mod-cluster_1_0.xsd, and the following quote shows the definition of the attribute. Even though I specified an absolute path for the keystore file, and the file is also owned by the same user who runs Jboss, strangely Jboss keeps looking at the /home/jboss/.keystore file instead. I even tried to create the ".keystore" file under "/home/jboss", but then Jboss complaint about the password being invalid or tempered.

<xs:attribute name="certificate-key-file" type="xs:string" use="optional" default="${user.home}/.keystore">
      <xs:annotation>
        <xs:documentation>
          sslKeyStore: That is the keystore name here.
        </xs:documentation>
      </xs:annotation>
</xs:attribute>

Any ideas on this issue?

1. Re: modcluster unable to locate keystore file

rhusar Mar 12, 2013 5:20 AM (in response to tchan-mb-ehealth)

IIRC unfortunately this is a known issue in AS 7.1.1.

See https://issues.jboss.org/browse/AS7-4942
Actions
2. Re: modcluster unable to locate keystore file

rhusar Mar 12, 2013 5:21 AM (in response to rhusar)

7.2.0.Final (tag only release) has the problem fixed https://github.com/jbossas/jboss-as/tree/7.2.0.Final
1 of 1 people found this helpful
Actions
3. Re: modcluster unable to locate keystore file

tchan-mb-ehealth Mar 12, 2013 10:06 AM (in response to rhusar)

Thank you so much for your help. I just downloaded the 7.2.0.Fimal-prerelease1, and I will take it for a run to see if that would fix my problem. I'll let you know.
Actions

Go to original post