Details
-
Bug
-
Resolution: Done
-
Critical
-
jboss-fuse-6.2
-
None
-
%
-
Description
When new messaging profile is generated through mq-create, mq-create service doesn't find already existing keystore in default profile and keeps generating new one. The new keystore and trustore are used before the default one, broker fails to start due to invalid password error.
mq-service log:
2015-02-24 05:09:01,010 | WARN | tp1454723281-140 | SchemaLookup | io.hawt.jsonschema.SchemaLookup 95 | 170 - io.hawt.hawtio-json-schema-mbean - 1.5.0.redhat-077 | Failed to find class for io.hawt.jsonschema.internal.customizers.io.fabric8.api.jmx.MQBrokerConfigDTOSchemaCustomizer 2015-02-24 05:09:08,223 | INFO | tp1454723281-140 | MQServiceImpl | io.fabric8.service.MQServiceImpl 125 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | Generating ssl keystore... 2015-02-24 05:09:33,797 | INFO | tp1454723281-140 | MQServiceImpl | io.fabric8.service.MQServiceImpl 143 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | Keystore generated 2015-02-24 05:09:33,802 | INFO | tp1454723281-140 | MQServiceImpl | io.fabric8.service.MQServiceImpl 170 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | Exporting broker certificate to create truststore.jks 2015-02-24 05:09:34,434 | INFO | output processor | MQServiceImpl | .fabric8.service.MQServiceImpl$1 260 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | keytool: Certificate stored in file </var/lib/openshift/54ec3fa96892dfb5e70004d4/fuse/container/data/tmp/14247724743305654336602472710695.tmp> 2015-02-24 05:09:34,438 | INFO | tp1454723281-140 | MQServiceImpl | io.fabric8.service.MQServiceImpl 182 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | Creating truststore.jks 2015-02-24 05:09:35,023 | INFO | output processor | MQServiceImpl | .fabric8.service.MQServiceImpl$1 260 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | keytool: Certificate was added to keystore 2015-02-24 05:09:35,044 | INFO | tp1454723281-140 | ProfileServiceImpl | ric8.internal.ProfileServiceImpl 138 | 75 - io.fabric8.fabric-core - 1.2.0.redhat-072 | createProfile: Profile[ver=1.0,id=mq-broker-default.amq,atts={parents=mq-base}] 2015-02-24 05:09:35,860 | INFO | tp1454723281-140 | DefaultPullPushPolicy | t.internal.DefaultPullPushPolicy 214 | 77 - io.fabric8.fabric-git - 1.2.0.redhat-072 | Pushing last change to: http://fuse-test.example.com:80/git/fabric/ 2015-02-24 05:09:36,108 | INFO | tp1454723281-156 | FabricGitServlet | abric8.git.http.FabricGitServlet 84 | 102 - io.fabric8.fabric-git-server - 1.2.0.redhat-072 | GitHttp service res=HTTP/1.1 200
Broker log:
2015-02-24 11:13:46,472 | INFO | pool-63-thread-1 | ActiveMQServiceFactory | mq.fabric.ActiveMQServiceFactory 136 | 164 - io.fabric8.mq.mq-fabric - 1.2.0.redhat-072 | Broker amq failed to start. Will try again in 10 seconds 2015-02-24 11:13:46,473 | ERROR | pool-63-thread-1 | ActiveMQServiceFactory | Factory$ClusteredConfiguration$1 556 | 164 - io.fabric8.mq.mq-fabric - 1.2.0.redhat-072 | Exception on start: Error creating bean with name 'org.apache.activemq.xbean.XBeanBrokerService#0' defined in URL [profile:broker.xml]: Cannot create inner bean '(inner bean)#3f72454e' of type [org.apache.activemq.spring.SpringSslContext] while setting bean property 'sslContext'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#3f72454e' defined in URL [profile:broker.xml]: Invocation of init method failed; nested exception is java.io.IOException: Keystore was tampered with, or password was incorrect org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.apache.activemq.xbean.XBeanBrokerService#0' defined in URL [profile:broker.xml]: Cannot create inner bean '(inner bean)#3f72454e' of type [org.apache.activemq.spring.SpringSslContext] while setting bean property 'sslContext'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#3f72454e' defined in URL [profile:broker.xml]: Invocation of init method failed; nested exception is java.io.IOException: Keystore was tampered with, or password was incorrect at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:287)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:129)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1419)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1160)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:293)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:290)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:191)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:636)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:934)[182:org.apache.servicemix.bundles.spring-context:3.2.12.RELEASE_1] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:479)[182:org.apache.servicemix.bundles.spring-context:3.2.12.RELEASE_1] at org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:64)[192:org.apache.xbean.spring:3.18.0] at org.apache.xbean.spring.context.ResourceXmlApplicationContext.<init>(ResourceXmlApplicationContext.java:52)[192:org.apache.xbean.spring:3.18.0] at io.fabric8.mq.fabric.ActiveMQServiceFactory$1.<init>(ActiveMQServiceFactory.java:197)[164:io.fabric8.mq.mq-fabric:1.2.0.redhat-072] at io.fabric8.mq.fabric.ActiveMQServiceFactory.createBroker(ActiveMQServiceFactory.java:197)[164:io.fabric8.mq.mq-fabric:1.2.0.redhat-072] at io.fabric8.mq.fabric.ActiveMQServiceFactory$ClusteredConfiguration.doStart(ActiveMQServiceFactory.java:590)[164:io.fabric8.mq.mq-fabric:1.2.0.redhat-072] at io.fabric8.mq.fabric.ActiveMQServiceFactory$ClusteredConfiguration.access$700(ActiveMQServiceFactory.java:413)[164:io.fabric8.mq.mq-fabric:1.2.0.redhat-072] at io.fabric8.mq.fabric.ActiveMQServiceFactory$ClusteredConfiguration$1.run(ActiveMQServiceFactory.java:545)[164:io.fabric8.mq.mq-fabric:1.2.0.redhat-072] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)[:1.7.0_75] at java.util.concurrent.FutureTask.run(FutureTask.java:262)[:1.7.0_75] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)[:1.7.0_75] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)[:1.7.0_75] at java.lang.Thread.run(Thread.java:745)[:1.7.0_75] Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#3f72454e' defined in URL [profile:broker.xml]: Invocation of init method failed; nested exception is java.io.IOException: Keystore was tampered with, or password was incorrect at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1514)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:521)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:276)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] ... 24 more Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)[:1.7.0_75] at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)[:1.7.0_75] at java.security.KeyStore.load(KeyStore.java:1214)[:1.7.0_75] at org.apache.activemq.spring.SpringSslContext.createKeyManagerKeyStore(SpringSslContext.java:135)[170:org.apache.activemq.activemq-osgi:5.11.0.redhat-620077] at org.apache.activemq.spring.SpringSslContext.createKeyManagers(SpringSslContext.java:102)[170:org.apache.activemq.activemq-osgi:5.11.0.redhat-620077] at org.apache.activemq.spring.SpringSslContext.afterPropertiesSet(SpringSslContext.java:79)[170:org.apache.activemq.activemq-osgi:5.11.0.redhat-620077] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_75] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_75] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_75] at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_75] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1640)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1581)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1511)[181:org.apache.servicemix.bundles.spring-beans:3.2.12.RELEASE_1] ... 27 more Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)[:1.7.0_75] ... 39 more
I believe this part of ssl-broker.xml#openshift should be changed also
Attachments
Issue Links
- is related to
-
ENTESB-2309 mq-base profile ssl-broker.xml#openshift file uses OPENSHIFT_FUSE_AMQ_PORT instead of OPENSHIFT_FUSE_OPENWIRE_PORT
- Closed