Server can not shutdown or deploy when enable configured encryption and JMX security at the same time -----------------------------------------------------------------------------------------------------
Key: GERONIMO-6310 URL: https://issues.apache.org/jira/browse/GERONIMO-6310 Project: Geronimo Issue Type: Bug Security Level: public (Regular issues) Components: crypto Affects Versions: 3.0-beta-1, 3.0-M1, 2.1.8, 2.1.7 Environment: java version "1.6.0" Java(TM) SE Runtime Environment (build pwi3260sr10-20111208_01(SR10)) IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows 7 x86-32 jvmwi3260sr10-201112 07_96808 (JIT enabled, AOT enabled) J9VM - 20111207_096808 JIT - r9_20111107_21307ifx1 GC - 20110519_AA) JCL - 20111104_02 Reporter: Saphen Qiu Assignee: Saphen Qiu Fix For: 2.1.8 1.Enable configured encryption and JMX security in config.xml 2.Start server 3.Execute "deploy.bat --secure unlockKeystore geronimo-default" or "geronimo.bat stop --secure" and they fail 2012-03-26 13:30:03,344 ERROR [EditKeystoreHandler] Unable to unlock keystore geronimo-default for editing. org.apache.geronimo.management.geronimo.KeystoreException: Unable to open keystore with provided password at org.apache.geronimo.security.keystore.FileKeystoreInstance.loadKeystoreData(FileKeystoreInstance.java:664) at org.apache.geronimo.security.keystore.FileKeystoreInstance.ensureLoaded(FileKeystoreInstance.java:706) at org.apache.geronimo.security.keystore.FileKeystoreInstance.listTrustCertificates(FileKeystoreInstance.java:270) at org.apache.geronimo.console.keystores.BaseKeystoreHandler$KeystoreData.unlockEdit(BaseKeystoreHandler.java:252) at org.apache.geronimo.console.keystores.EditKeystoreHandler.actionAfterView(EditKeystoreHandler.java:69) at org.apache.geronimo.console.MultiPagePortlet.processAction(MultiPagePortlet.java:114) at org.apache.pluto.core.PortletServlet.dispatch(PortletServlet.java:218) at org.apache.pluto.core.PortletServlet.doPost(PortletServlet.java:145) at javax.servlet.http.HttpServlet.service(HttpServlet.java:713) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646) at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:551) at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:488) at org.apache.pluto.core.DefaultPortletInvokerService.invoke(DefaultPortletInvokerService.java:167) at org.apache.pluto.core.DefaultPortletInvokerService.action(DefaultPortletInvokerService.java:85) at org.apache.pluto.core.PortletContainerImpl.doAction(PortletContainerImpl.java:219) at org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:121) at org.apache.pluto.driver.PortalDriverServlet.doPost(PortalDriverServlet.java:167) at javax.servlet.http.HttpServlet.service(HttpServlet.java:713) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.geronimo.console.filter.PlutoURLRebuildFilter.doFilter(PlutoURLRebuildFilter.java:48) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.geronimo.console.filter.XSSXSRFFilter.doFilter(XSSXSRFFilter.java:130) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:56) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:563) at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:406) at org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:589) at org.apache.geronimo.tomcat.valve.ThreadCleanerValve.invoke(ThreadCleanerValve.java:40) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:291) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:662) Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) at java.security.KeyStore.load(KeyStore.java:1185) at org.apache.geronimo.security.keystore.FileKeystoreInstance.loadKeystoreData(FileKeystoreInstance.java:645) ... 45 more Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769) ... 48 more -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira