Password for keystore in Pax-Web 8.0.6

Mon, 25 Jul 2022 05:16:51 -0700 

Last week I upgraded my application from Karaf 4.3.7 to Karaf 4.4.1 and 
Pax-Web 8.0.6. 
After finding the correct features that I have to install now the 
application started to work.
However the SSL-Setup is not working. In the logs found the following 
exception:

2022-07-25T13:42:01,221 | INFO  | paxweb-config-3-thread-1 (change 
controller) | AbstractConnector                | 74 - 
org.eclipse.jetty.util - 9.4.48.v20220622 | Started 
default@4dae28f6{HTTP/1.1, (http/1.1)}{0.0.0.0:80}
2022-07-25T13:42:01,233 | INFO  | paxweb-config-3-thread-1 (change 
controller) | SslContextFactory                | 74 - 
org.eclipse.jetty.util - 9.4.48.v20220622 | 
x509=X509@3d4fe3bd(de,h=[2344dad.app.de],a=[],w=[]) for 
Server@7ecec4ac[provider=null,keyStore=file:///C:/Tools/apache-karaf-4.4.1/etc/keystore,trustStore=null]
2022-07-25T13:42:01,237 | ERROR | paxweb-config-3-thread-1 (change 
controller) | Activator                        | 82 - 
org.ops4j.pax.web.pax-web-runtime - 8.0.6 | Unable to start Pax Web server: 
Password must not be null
java.security.UnrecoverableKeyException: Password must not be null
    at 
sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:134) 
~[?:1.8.0_292]
    at 
sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:57) 
~[?:1.8.0_292]
    at 
sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96) 
~[?:1.8.0_292]
    at 
sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:71)
 
~[?:1.8.0_292]
    at java.security.KeyStore.getKey(KeyStore.java:1023) ~[?:1.8.0_292]
    at 
sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:145) 
~[?:1.8.0_292]
    at 
sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
 
~[?:1.8.0_292]
    at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256) 
~[?:1.8.0_292]
    at 
org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
 
~[?:?]
    at 
org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
 
~[?:?]
    at 
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373) 
~[?:?]
    at 
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
 
~[?:?]
    at 
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
 
~[?:?]
    at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
 
~[?:?]
    at 
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323) 
~[?:?]
    at 
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
 
~[?:?]
    at 
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234) 
~[?:?]
    at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 
~[?:?]
    at org.eclipse.jetty.server.Server.doStart(Server.java:401) ~[?:?]
    at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
 
~[?:?]
    at 
org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper.start(JettyServerWrapper.java:623)
 
~[?:?]
    at 
org.ops4j.pax.web.service.jetty.internal.JettyServerController.start(JettyServerController.java:109)
 
~[?:?]
    at 
org.ops4j.pax.web.service.internal.Activator.performConfiguration(Activator.java:551)
 
~[?:?]
    at 
org.ops4j.pax.web.service.internal.Activator.updateController(Activator.java:441)
 
~[?:?]
    at 
org.ops4j.pax.web.service.internal.Activator.lambda$updateServerControllerFactory$1(Activator.java:347)
 
~[?:?]
    at 
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) 
~[?:1.8.0_292]
    at java.util.concurrent.FutureTask.run(FutureTask.java:266) 
~[?:1.8.0_292]
    at 
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
 
~[?:1.8.0_292]
    at 
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
 
~[?:1.8.0_292]
    at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 
~[?:1.8.0_292]
    at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 
~[?:1.8.0_292]
    at java.lang.Thread.run(Thread.java:748) ~[?:1.8.0_292]

I am reusing the same org.ops4j.pax.web.cfg file from Karaf 4.3.7 and also 
the same keystore.  Passwords for the keystore are stored in the properties
org.ops4j.pax.web.ssl.password
org.ops4j.pax.web.ssl.keypassword

The passwords in are obfuscated with OBR. 

What can be the problem here?

Regards

   Richard


-- 
-- 
------------------
OPS4J - http://www.ops4j.org - [email protected]

--- 
You received this message because you are subscribed to the Google Groups 
"OPS4J" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ops4j/99ee7272-08e6-45b7-9da3-d0af68b8cb1cn%40googlegroups.com.

Reply via email to