1 Reply Latest reply on Nov 14, 2006 10:13 AM by Oliver Hernandez

    Trouble With EncryptKeystorePasswordInTomcatConnector Wiki

    Oliver Hernandez Newbie

      I've tried this in both 4.0.4 and the just released 4.0.5, since this Wiki states the functionality to encrypt the keystore password in the Tomcat connector config has been "available since a long long time". It references JBAS-3369 as the task that enabled this feature.

      I created an sslsecurity-service.xml file in my /deploy directory, and am certain it is configured correctly because I setup my JMS UIL2 to use it, and it starts up fine.

      sslsecurity-service.xml:

      <?xml version="1.0" encoding="UTF-8"?>
      
      <server>
      
       <!-- Configures the keystore/truststore for SSL on the security domain -->
       <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
       name="jboss.security:service=PBESecurityDomain">
       <constructor>
       <arg type="java.lang.String" value="SSL"/>
       </constructor>
       <!-- The location of the keystore
       resource: loads from the classloaders conf/ is the first classloader -->
       <attribute name="KeyStoreURL">resource:jbkeystore.ks</attribute>
       <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/jbkeystore.pw</attribute>
       <attribute name="KeyStoreType">JCEKS</attribute>
       <attribute name="Salt">feefifofum</attribute>
       <attribute name="IterationCount">13</attribute>
       </mbean>
      
      </server>
      


      section in ssl-uil2-service.xml referencing security domain:
       <!-- SSL Socket Factories -->
       <attribute name="ClientSocketFactory">org.jboss.security.ssl.ClientSocketFactory</attribute>
       <attribute name="ServerSocketFactory">org.jboss.security.ssl.DomainServerSocketFactory</attribute>
      
       <!-- Security domain - see below -->
       <attribute name="SecurityDomain">java:/jaas/SSL</attribute>
      


      I did comment out the original security domain config in this file so that the new one would be used instead.

      server.log:
      2006-11-10 16:51:21,773 INFO [org.apache.catalina.startup.Embedded] (main) Catalina naming disabled
      2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set.
      2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set.
      2006-11-10 16:51:22,604 ERROR [org.apache.catalina.startup.Catalina] (main) Catalina.start
      LifecycleException: Protocol handler initialization failed: java.lang.IllegalArgumentException: Failed to set security domain
       at org.apache.catalina.connector.Connector.initialize(Connector.java:1018)
       at org.jboss.web.tomcat.tc5.StandardService.initialize(StandardService.java:688)
       at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:791)
       at org.apache.catalina.startup.Catalina.load(Catalina.java:503)
       at org.apache.catalina.startup.Catalina.start(Catalina.java:543)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.apache.commons.modeler.BaseModelMBean.invoke(BaseModelMBean.java:503)
       at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.web.tomcat.tc5.Tomcat5.startService(Tomcat5.java:446)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
       at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
       at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
       at $Proxy0.start(Unknown Source)
       at org.jboss.system.ServiceController.start(ServiceController.java:417)
       at org.jboss.system.ServiceController.start(ServiceController.java:435)
       at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
       at $Proxy4.start(Unknown Source)
       at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
       at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
       at $Proxy6.deploy(Unknown Source)
       at org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:421)
       at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:634)
       at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
       at org.jboss.deployment.scanner.AbstractDeploymentScanner.startService(AbstractDeploymentScanner.java:336)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
       at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
       at $Proxy0.start(Unknown Source)
       at org.jboss.system.ServiceController.start(ServiceController.java:417)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
       at $Proxy4.start(Unknown Source)
       at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
       at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:766)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
       at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
       at $Proxy5.deploy(Unknown Source)
       at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:482)
       at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
       at org.jboss.Main.boot(Main.java:200)
       at org.jboss.Main$1.run(Main.java:490)
       at java.lang.Thread.run(Thread.java:595)
      2006-11-10 16:51:22,794 INFO [org.apache.catalina.startup.Catalina] (main) Initialization processed in 871 ms
      2006-11-10 16:51:22,794 INFO [org.jboss.web.tomcat.tc5.StandardService] (main) Starting service jboss.web
      2006-11-10 16:51:22,804 INFO [org.apache.catalina.core.StandardEngine] (main) Starting Servlet Engine: Apache Tomcat/5.5.20
      2006-11-10 16:51:22,864 INFO [org.apache.catalina.core.StandardHost] (main) XML validation disabled
      2006-11-10 16:51:23,946 INFO [org.apache.catalina.startup.Catalina] (main) Server startup in 1152 ms
      2006-11-10 16:51:24,797 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/invoker, warUrl=.../deploy/http-invoker.sar/invoker.war/
      2006-11-10 16:51:25,448 INFO [org.apache.catalina.loader.WebappLoader] (main) Dual registration of jndi stream handler: factory already defined
      2006-11-10 16:51:27,571 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/, warUrl=.../deploy/jbossweb-tomcat55.sar/ROOT.war/
      2006-11-10 16:51:28,032 INFO [org.jboss.resource.deployment.RARDeployment] (main) Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-local-jdbc.rar
      2006-11-10 16:51:32,348 INFO [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] (main) Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=OracleDS' to JNDI name 'java:OracleDS'
      2006-11-10 16:51:33,640 INFO [STDOUT] (main) com.sun.net.ssl.internal.ssl.SSLSessionContextImpl@13a8eb1
      2006-11-10 16:51:33,850 INFO [org.jboss.mq.il.uil2.UILServerILService] (main) JBossMQ UIL service available at : /0.0.0.0:9000
      2006-11-10 16:51:34,010 INFO [org.jboss.mq.server.jmx.Queue.DLQ] (main) Bound to JNDI name: queue/DLQ
      2006-11-10 16:51:34,101 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/jmx-console, warUrl=.../deploy/jmx-console.war/
      2006-11-10 16:51:35,583 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/utilservlets, warUrl=.../tmp/deploy/tmp30167utilservlets-exp.war/
      2006-11-10 16:51:36,113 ERROR [org.apache.coyote.http11.Http11BaseProtocol] (main) Error starting endpoint
      java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting
       at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:125)
       at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:98)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:294)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312)
       at org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:150)
       at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:75)
       at org.apache.catalina.connector.Connector.start(Connector.java:1089)
       at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
       at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
       at $Proxy18.handleNotification(Unknown Source)
       at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
       at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
       at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
       at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
       at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
       at org.jboss.Main.boot(Main.java:200)
       at org.jboss.Main$1.run(Main.java:490)
       at java.lang.Thread.run(Thread.java:595)
      2006-11-10 16:51:36,153 WARN [org.jboss.web.tomcat.tc5.Tomcat5] (main) Failed to startConnectors
      LifecycleException: service.getName(): "jboss.web"; Protocol handler start failed: java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting
       at org.apache.catalina.connector.Connector.start(Connector.java:1096)
       at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
       at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
       at $Proxy18.handleNotification(Unknown Source)
       at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
       at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
       at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
       at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
       at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
       at org.jboss.Main.boot(Main.java:200)
       at org.jboss.Main$1.run(Main.java:490)
       at java.lang.Thread.run(Thread.java:595)
      2006-11-10 16:51:36,153 INFO [org.jboss.system.server.Server] (main) JBoss (MX MicroKernel) [4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)] Started in 33s:698ms
      


      TIA for any help!