1 Reply Latest reply on Dec 10, 2018 2:15 AM by Martin Choma

    Vault password in domain mode (JBoss EAP 7)

    gfo44 Newbie

      Hi,

       

      I have a JBoss  EAP 7.0 in domain mode. I have a domain controller with several managed hosts.

      Considering that, I am trying to install "vault passwords".

       

      What I am currently doing (via Shell scripts):

      • create keystore + vault
      • put passwords in the vault
      • add the vault to the host configuration (via /host=<MYHOST>/core-service=vault:add)
      • add the vault to the host master configuration (via /host=master/core-service=vault:add)
        • => In the doc I didn't find any mention to that. Do we need to have vault conf in both hosts (domain controller and managed host) ?
      • push passwords to server groups, profiles, etc. (datasouces...)
      • try to start server-group
        • => I have a failure :

      /server-group=<MYSERVERGROUP>:start-servers

      {

          "outcome" => "failed",

          "failure-description" => {"host-failure-descriptions" => {"<MYHOST>" => "WFLYCTL0158: java.lang.SecurityException: WFLYSRV0228: security exception"}},

          "rolled-back" => true,

          "result" => {}

      }

        • I try to reload the configuration of my hosts as follow:

       

      /host=<MYHOST>:reload(use-current-host-config=true)

      /host=master:reload(use-current-host-config=true, use-current-domain-config=true)

       

        • after a while, my host <MYHOST> disepear in my domain controller (maybe because of the reload operation...) then nothing can work
          • => Do I need to reload my hosts to avoid "security exception"? If no, what can I do?

       

      Thanks a lot for your help.

      Regards