RE: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
Grzegorz Grzybek,
Thank you so much for looking into this.
What is you $KARAF_HOME/etc/org.ops4j.pax.web.cfg configuration?
There is no password in org.ops4j.pax.web.cfg file. It was reading external
configuration file. Which is jetty xml file.
$KARAF_HOME/etc/org.ops4j.pax.web.cfg file :-
org.osgi.service.http.port=8181
org.osgi.service.http.secure.enabled=true
org.osgi.service.http.port.secure=8443
org.ops4j.pax.web.listening.addresses=127.0.0.1
org.ops4j.pax.web.config.file = ${karaf.home}/etc/jetty.xml
org.ops4j.pax.web.session.timeout=30
$KARAF_HOME/etc/jetty.xml file :-
/etc/keystores/bems.pfx
/etc/keystores/bems.pfx
OBF: password will generate after
compilation
OBF: : password will generate after
compilation
OBF: : password will generate after
compilation
PKCS12
PKCS12
TLSv1.1
TLSv1
SSL
SSLv2
SSLv2Hello
SSLv3
Thanks,
Vamsi Krishna.
From: Vamsikrishna Koka
Sent: 13 January 2023 00:42
To: u...@karaf.apache.org; iss...@karaf.apache.org; dev@karaf.apache.org
Subject: RE: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
Hi Team,
I have migrated karaf version 4.4.1 and OpenJDK 11 also. Tried to using PFX
file but it was failed due to given below stack trace.
Please can anyone take look at once.
2023-01-12T12:53:03.265-0500 CEF:1 | org.eclipse.jetty.util | 9.4.48.v20220622
| WARN | ID=245 THR=ange controller) CAT=AbstractLifeCycle
MSG=FAILED
Server@21d6680d{FAILED}[9.4.48.v20220622<mailto:Server@21d6680d%7bFAILED%7d[9.4.48.v20220622>]:
java.lang.NullPointerException
java.lang.NullPointerException: null
at
org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323)
~[?:?]
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
~[?:?]
at
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at org.eclipse.jetty.server.Server.doStart(Server.java:401) ~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper.start(JettyServerWrapper.java:623)
~[?:?]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerController.start(JettyServerController.java:109)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.performConfiguration(Activator.java:551)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.updateController(Activator.java:441)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.lambda$updateServerControllerFactory$1(Activator.java:347)
~[?:?]
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[?:?]
at java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[?:?]
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
2023-01-12T12:53:03.281-0500 CEF:1 | org.ops4j.pax.web.pax-web-runtime | 8.0.6
| ERROR | ID=274 THR=ange controller) CAT=Activator
MSG=Unable to start P
Re: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
Hello
Having just:
in KARAF_HOME/etc/jetty.xml is not enough to have proper SSL configuration.
In Karaf, when you install "pax-web-http-jetty" you'll get
KARAF_HOME/etc/org.ops4j.pax.web.cfg template with this section:
# secure connector configuration
org.osgi.service.http.secure.enabled = false
#org.osgi.service.http.port.secure = 8443
#org.ops4j.pax.web.ssl.truststore = ${karaf.etc}/server.keystore
#org.ops4j.pax.web.ssl.truststore.password = passw0rd
#org.ops4j.pax.web.ssl.truststore.type = JKS
#org.ops4j.pax.web.ssl.keystore = ${karaf.etc}/server.keystore
#org.ops4j.pax.web.ssl.keystore.password = passw0rd
#org.ops4j.pax.web.ssl.keystore.type = JKS
#org.ops4j.pax.web.ssl.key.password = passw0rd
#org.ops4j.pax.web.ssl.key.alias = server
#org.ops4j.pax.web.ssl.clientauth.needed = false
#org.ops4j.pax.web.ssl.protocols.included = TLSv1.3
#org.ops4j.pax.web.ssl.protocol = TLSv1.3
#org.ops4j.pax.web.ssl.protocols.included = TLSv1.2 TLSv1.3
#org.ops4j.pax.web.ssl.ciphersuites.included =
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384
#org.ops4j.pax.web.ssl.secureRandom.algorithm = NativePRNGNonBlocking
#org.ops4j.pax.web.ssl.renegotiationAllowed = true
#org.ops4j.pax.web.ssl.session.enabled = true
so you can use it for SSL configuration. Next week I'll check what's the
actual problem with your config - see here for follow-up:
https://github.com/ops4j/org.ops4j.pax.web/issues/1821
regards
Grzegorz Grzybek
pt., 13 sty 2023 o 15:31 Vamsikrishna Koka
napisał(a):
> + dev@karaf.apache.org<mailto:dev@karaf.apache.org>
>
> From: Vamsikrishna Koka
> Sent: 13 January 2023 19:16
> To: u...@karaf.apache.org; iss...@karaf.apache.org
> Subject: RE: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
>
> Thank you so much for looking into this @Grzegorz Grzybek.
>
> What is you $KARAF_HOME/etc/org.ops4j.pax.web.cfg configuration?
>
> There is no password in org.ops4j.pax.web.cfg file. It was reading
> external configuration file. Which is jetty xml file.
>
> $KARAF_HOME/etc/org.ops4j.pax.web.cfg file :-
>
> org.osgi.service.http.port=8181
> org.osgi.service.http.secure.enabled=true
> org.osgi.service.http.port.secure=8443
> org.ops4j.pax.web.listening.addresses=127.0.0.1
> org.ops4j.pax.web.config.file = ${karaf.home}/etc/jetty.xml
> org.ops4j.pax.web.session.timeout=30
>
> $KARAF_HOME/etc/jetty.xml file :-
>
> id="sslContextFactory">
>
>name="jetty.home"/>/etc/keystores/bems.pfx
>
>name="jetty.home"/>/etc/keystores/bems.pfx
>
> OBF: password will generate after
> compilation
> OBF: : password will generate after
> compilation
> OBF: : password will generate after
> compilation
> PKCS12
> PKCS12
>
>
>
> TLSv1.1
> TLSv1
> SSL
> SSLv2
> SSLv2Hello
> SSLv3
>
>
>
> Thanks,
> Vamsi Krishna.
>
> From: Vamsikrishna Koka
> Sent: Friday, January 13, 2023 12:42 AM
> To: 'u...@karaf.apache.org' u...@karaf.apache.org>>; 'iss...@karaf.apache.org' <
> iss...@karaf.apache.org<mailto:iss...@karaf.apache.org>>;
> dev@karaf.apache.org<mailto:dev@karaf.apache.org>
> Subject: RE: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
>
> Hi Team,
>
> I have migrated karaf version 4.4.1 and OpenJDK 11 also. Tried to using
> PFX file but it was failed due to given below stack trace.
>
> Please can anyone take look at once.
>
> 2023-01-12T12:53:03.265-0500 CEF:1 | org.eclipse.jetty.util |
> 9.4.48.v20220622 | WARN | ID=245 THR=ange controller)
> CAT=AbstractLifeCycleMSG=FAILED Server@21d6680d
> {FAILED}[9.4.48.v20220622<mailto:Server@21d6680d%7bFAILED%7d[9.4.48.v20220622>]:
> java.lang.NullPointerException
> java.lang.NullPointerException: null
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(C
Re: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
Hello
What is you $KARAF_HOME/etc/org.ops4j.pax.web.cfg configuration? (please
remove the password values).
regards
Grzegorz Grzybek
czw., 12 sty 2023 o 20:14 Vamsikrishna Koka
napisał(a):
> Hi Team,
>
> I have migrated karaf version 4.4.1 and OpenJDK 11 also. Tried to using
> PFX file but it was failed due to given below stack trace.
>
> Please can anyone take look at once.
>
> 2023-01-12T12:53:03.265-0500 CEF:1 | org.eclipse.jetty.util |
> 9.4.48.v20220622 | WARN | ID=245 THR=ange controller)
> CAT=AbstractLifeCycleMSG=FAILED Server@21d6680d
> {FAILED}[9.4.48.v20220622]:
> java.lang.NullPointerException
> java.lang.NullPointerException: null
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> ~[?:?]
> at
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> ~[?:?]
> at
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323)
> ~[?:?]
> at
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> ~[?:?]
> at
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at org.eclipse.jetty.server.Server.doStart(Server.java:401) ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
> org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper.start(JettyServerWrapper.java:623)
> ~[?:?]
> at
> org.ops4j.pax.web.service.jetty.internal.JettyServerController.start(JettyServerController.java:109)
> ~[?:?]
> at
> org.ops4j.pax.web.service.internal.Activator.performConfiguration(Activator.java:551)
> ~[?:?]
> at
> org.ops4j.pax.web.service.internal.Activator.updateController(Activator.java:441)
> ~[?:?]
> at
> org.ops4j.pax.web.service.internal.Activator.lambda$updateServerControllerFactory$1(Activator.java:347)
> ~[?:?]
> at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
> ~[?:?]
> at java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[?:?]
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
> ~[?:?]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
> ~[?:?]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
> ~[?:?]
> at java.lang.Thread.run(Thread.java:829) ~[?:?]
> 2023-01-12T12:53:03.281-0500 CEF:1 | org.ops4j.pax.web.pax-web-runtime |
> 8.0.6 | ERROR | ID=274 THR=ange controller) CAT=Activator
> MSG=Unable to start Pax Web server: null
> java.lang.NullPointerException: null
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
> ~[?:?]
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> ~[?:?]
> at
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
> ~[?:?]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
> ~[?:?]
> at
>
RE: Unable to start Pax-Web 8.0.6 by using PFX Certificate.
Hi Team,
I have migrated karaf version 4.4.1 and OpenJDK 11 also. Tried to using PFX
file but it was failed due to given below stack trace.
Please can anyone take look at once.
2023-01-12T12:53:03.265-0500 CEF:1 | org.eclipse.jetty.util | 9.4.48.v20220622
| WARN | ID=245 THR=ange controller) CAT=AbstractLifeCycle
MSG=FAILED
Server@21d6680d{FAILED}[9.4.48.v20220622]:
java.lang.NullPointerException
java.lang.NullPointerException: null
at
org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323)
~[?:?]
at
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
~[?:?]
at
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at org.eclipse.jetty.server.Server.doStart(Server.java:401) ~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerWrapper.start(JettyServerWrapper.java:623)
~[?:?]
at
org.ops4j.pax.web.service.jetty.internal.JettyServerController.start(JettyServerController.java:109)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.performConfiguration(Activator.java:551)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.updateController(Activator.java:441)
~[?:?]
at
org.ops4j.pax.web.service.internal.Activator.lambda$updateServerControllerFactory$1(Activator.java:347)
~[?:?]
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[?:?]
at java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[?:?]
at
java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
~[?:?]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
2023-01-12T12:53:03.281-0500 CEF:1 | org.ops4j.pax.web.pax-web-runtime | 8.0.6
| ERROR | ID=274 THR=ange controller) CAT=Activator
MSG=Unable to start Pax Web server: null
java.lang.NullPointerException: null
at
org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1249)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2364)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:373)
~[?:?]
at
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:244)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
~[?:?]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
~[?:?]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
~[?:?]
at
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:323)
~[?:?]
at
