3 Replies Latest reply on Dec 19, 2018 5:48 AM by Martin Choma

    Vault initialization issue with keystore on OpenJDK

    valsaraj viswanathan Master

      We are facing following issue when we switched from OracleJDK to OpenJDK:

      [Host Controller] 09:25:41,568 INFO  [org.jboss.as] (MSC service thread 1-6) JBAS015899: WildFly 8.2.1.Final "Tweek" starting

      [Host Controller] 09:25:42,674 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) JBAS014612: Operation ("add") failed - address: ([

      [Host Controller]     ("host" => "master"),

      [Host Controller]     ("core-service" => "vault")

      [Host Controller] ]): java.lang.RuntimeException: JBAS015804: Error initializing vault --  org.jboss.as.server.services.security.VaultReaderException: JBAS013313: Vault Reader Exception:

      [Host Controller] at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:82) [wildfly-server-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:75) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:660) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:501) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractOperationContext.completeStepInternal(AbstractOperationContext.java:298) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:293) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:324) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:297) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.host.controller.DomainModelControllerService.boot(DomainModelControllerService.java:441) [wildfly-host-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:259) [wildfly-controller-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_191]

      [Host Controller] Caused by: org.jboss.as.server.services.security.VaultReaderException: JBAS013313: Vault Reader Exception:

      [Host Controller] at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:84) [wildfly-security-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:80) [wildfly-server-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] ... 10 more

      [Host Controller] Caused by: org.jboss.security.vault.SecurityVaultException: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/usr/jboss-8.2.0.Final/domain/vault/keystore.jceks)

      [Host Controller] at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:210)

      [Host Controller] at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:82) [wildfly-security-8.2.1.Final.jar:8.2.1.Final]

      [Host Controller] ... 11 more

      [Host Controller] Caused by: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/usr/jboss-8.2.0.Final/domain/vault/keystore.jceks)

      [Host Controller] at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:688)

      [Host Controller] at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:205)

      [Host Controller] ... 12 more

      [Host Controller] Caused by: java.io.IOException: Invalid secret key format

      [Host Controller] at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:856) [sunjce_provider.jar:1.8.0_191]

      [Host Controller] at java.security.KeyStore.load(KeyStore.java:1445) [rt.jar:1.8.0_191]

      [Host Controller] at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:201)

      [Host Controller] at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:151)

      [Host Controller] at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:685)

      [Host Controller] ... 13 more

      [Host Controller]

      [Host Controller] 09:25:42,682 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010933: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details.

       

      The same works fine in OracleJDK.

      Using the same keystore file that worked on OracleJDK.

      Anybody can point what's wrong with OpenJDK?

       

      Thanks!