-
1. Re: Exception encountered:PB00019: Processing Failed:Unable to get Keystore
ctomc Dec 12, 2012 11:24 AM (in response to lzcmail)Hi,
as your probably read on issue you linked.
this issue only occurs on windows
and problem is only wrong reporting of error.
it usualy happens when it cannot open keystore file, if it is stored in path that has space in it.
--
tomaz
-
2. Re: Exception encountered:PB00019: Processing Failed:Unable to get Keystore
lzcmail Dec 12, 2012 11:35 AM (in response to ctomc)Thanks tomaz. I tried this on redhat linux. Here is the detail:
$ ./vault.sh
WARNING JBOSS_HOME may be pointing to a different installation - unpredictable results may occur.
=========================================================================
JBoss Vault
JBOSS_HOME: /usr/local/jboss
JAVA: /etc/alternatives/java_sdk_1.6.0/bin/java
VAULT Classpath: /usr/local/jboss/modules/org/picketbox/main/*:/usr/local/jboss/modules/org/jboss/logging/main/*:/usr/local/jboss/modules/org/jboss/common-core/main/*:/usr/local/jboss/modules/org/jboss/as/security/main/*
=========================================================================
**********************************
**** JBoss Vault ********
**********************************
Please enter a Digit:: 0: Start Interactive Session 1: Remove Interactive Session 2: Exit
0
Starting an interactive session
Enter directory to store encrypted files (end with either / or \ based on Unix or Windows:/usr/local/jboss/vault/
Enter Keystore URL:/usr/local/jboss/vault.keystore
Enter Keystore password:
Enter Keystore password again:
Values match
Enter 8 character salt:12345678
Enter iteration count as a number (Eg: 44):25
Please make note of the following:
********************************************
Masked Password:MASK-DjeJRxMmsyt
salt:12345678
Iteration Count:25
********************************************
Enter Keystore Alias:vault
Dec 12, 2012 11:33:23 AM org.jboss.security.vault.SecurityVaultFactory get
INFO: Getting Security Vault with implementation of org.picketbox.plugins.vault.PicketBoxSecurityVault
Obtained Vault
Initializing Vault
Exception encountered:PB00019: Processing Failed:Unable to get Keystore:
-
3. Re: Exception encountered:PB00019: Processing Failed:Unable to get Keystore
raoulpetitpied Dec 13, 2012 8:37 AM (in response to lzcmail)@jboss adict
I faced the same problem this morning and, in my situation, the explaintation was : the storepass must be equal to the keypass.
I beleive this behavior is caused by a bug in org.picketbox.plugins.vault.PicketBoxSecurityVault.init(Map<String, Object> options).
NB :
I'm using picketbox 4.0.9, which contains the following code :
package org.picketbox.plugins.vault;
...
class PicketBoxSecurityVault ... {
...
public void init(Map<String, Object> options) throws SecurityVaultException
{
...
keystore = KeyStoreUtil.getKeyStore(keystoreURL, keystorePass.toCharArray());
keypair = KeyStoreUtil.getPrivateKey(keystore, alias, keystorePass.toCharArray());
...
}
...
As you can see, this code loads the store (e.g. 'getKeyStore()') and the key (e.g. 'getPrivateKey()') with the same password (e.g. 'keystorePass') ...
That's the reason why, when using keytool to create the keystore ans the alias, you have to use a storepass equal to the keypass.
Sample :
keytool -genkey -alias vault -keystore /tmp/server.ks -storepass storepass -keypass storepass -keyalg RSA -keysize 4096 -dname "CN=vault,O=my corp,L=Paris,ST=France,C=FR"
-
4. Re: Exception encountered:PB00019: Processing Failed:Unable to get Keystore
lzcmail Dec 14, 2012 8:55 AM (in response to raoulpetitpied)That is nice finding, but how can jboss team run it correctly? Did they use different code?