Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Fixed
-
2.1.8, 2.2.1, 3.0-beta-1
-
Security Level: public (Regular issues)
-
None
Description
To reproduce the issue, you can follow the steps below.
1.Start geronimo 3.0 server.
2.Use keytool command to create a keystore with a key. For example,
keytool -genkeypair -keystore test.jks -alias testkey -keyalg RSA -keysize 2048 -dname "cn=test.apache.org,c=US" -validity 365 -storepass welcome1
3.Copy the keystore to <geronimo-home>\var\security\keystores
4.use deploy encrypt to encrypt the password "welcome",go the encrypt string:
add the string into config-substitution.properties like this:
test.jks = {Simple}
rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4cHB1cgACW0Ks8xf4BghU4AIAAHhwAAAAEKvo5tkjHVqHlsBtDNRytadwdAADQUVT
testkey =
rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4cHB1cgACW0Ks8xf4BghU4AIAAHhwAAAAEKvo5tkjHVqHlsBtDNRytadwdAADQUVT
5. restart the server.
6. use deploy unlock-keystore command to unlock test.jks. For example,
deploy -u system -p manager unlock-keystore test.jks
The result is the unlock action seems to success. But you can find an ERROR below in admin console. It will generate a incomplete j2ee-security module in config.xml. When you restart the server, you will fail on it.
2013-02-27 11:41:06,564 WARN [FileKeystoreManager] keystoreType for new keystore "test.jks" set to "jks" based on file extension.
2013-02-27 11:41:06,660 ERROR [LocalAttributeManager] Unable to format attribute of type java.net.URI; no editor found
2013-02-27 11:41:06,660 WARN [BasicProxyManager] Could not load interface org.apache.geronimo.security.keystore.FileKeystoreInsta
nce in provided ClassLoader for org.apache.geronimo.framework/j2ee-security/3.0.0/car?ServiceModule=org.apache.geronimo.framework/
j2ee-security/3.0.0/car,j2eeType=Keystore,name=test.jks