Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-4968

Installing S-Ramp on EAP with installed vault breaks the EAP installation

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • jboss-fuse-6.2.1
    • S-RAMP
    • None
    • % %
    • Customer has viable workaround and S-RAMP is deprecated.
    • Hide

      1. Installed JBoss EAP 6.4:
      $> java -jar ~/software/jboss-eap-6.4.0-installer.jar

      with the following setup:

      • Select the installation path: /home/USER/jboss-eap-6.4.0
      • Select the packs you want to install: All
      • Admin username: admin
      • Admin password: secret-123
      • Would you like to install quickstarts? No
      • Select Port Configuration: Use the default port bindings for standalone and domain modes
      • Enable pure IPv6 configuration: No
      • Choose server startup mode: Don't start the server
      • Configure the logging levels for Red Hat JBoss Enterprise Application Platform? No
      • Configure runtime environment: Perform advanced configuration
      • Install password vault: Yes
      • Enable SSL security: No
      • Enable LDAP authentication: No
      • Install Infinispan Cache: No
      • Add a security-domain: No
      • Install JDBC Driver: Yes
      • Install Datasource: No
      • Configure password vault
      • Vault alias: vault
      • Salt (8-chars): 8675309K
      • Iteration count: 44
      • Vault keystore password: secret123
      • New Keystore location: /home/USER/jboss-eap-6.4.0/vault.keystore
      • Encrypted file directory: /home/USER/jboss-eap-6.4.0/vault

      2. Installed S-RAMP using installer:
      $> cd jboss-eap-6.4.0
      $> java -jar ~/software/sramp-installer-6.2.1.GA-redhat-1.jar

      output showed no errors:
      Skip already existing patch file: fuse-patch-distro-wildfly-1.6.2.zip
      Copy to repository: sramp-distro-6.2.1.GA-redhat-1.zip
      Run command: java -Djboss.home=. -Dlogging.configuration=file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --add file:fusepatch/repository/fuse-patch-distro-wildfly-1.6.2.zip
      Repository already contains fuse-patch-distro-wildfly-1.6.2
      Run command: java -Djboss.home=. -Dlogging.configuration=file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --add file:fusepatch/repository/sramp-distro-6.2.1.GA-redhat-1.zip
      Added sramp-distro-6.2.1.GA-redhat-1
      Run command: java -Djboss.home=. -Dlogging.configuration=file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --update fuse-patch-distro-wildfly
      Patch fuse-patch-distro-wildfly-1.6.2 has already been applied
      Run command: java -Djboss.home=. -Dlogging.configuration=file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --update sramp-distro
      Installed sramp-distro-6.2.1.GA-redhat-1
      Run command: java -Djboss.home=. -jar jboss-modules.jar -mp modules org.wildfly.extras.config --configs sramp --enable
      Processing config for: sramp
      Writing 'layers=artificer,soa,fuse' to: ./modules/layers.conf
      Enable sramp configuration in: ./standalone/configuration/standalone.xml
      Enable sramp configuration in: ./standalone/configuration/standalone-full.xml
      Enable sramp configuration in: ./standalone/configuration/standalone-full-ha.xml
      Enable sramp configuration in: ./standalone/configuration/standalone-ha.xml
      Enable sramp configuration in: ./domain/configuration/domain.xml

      3. Executed "install-artificer.sh" script to create all required keystore files:
      $> cd jboss-eap-6.4.0
      $> ./scripts/artificer/install-artificer.sh

      output showed no errors:
      Please enter a password for the Overlord 'admin' user:
      Please re-enter the password:
      Please enter a password for the EJB/JMS 'artificer' user:
      Please re-enter the password:

      BUILD SUCCESSFUL
      Total time: 27 seconds

      4. Started the EAP server:
      #> su - USER -c "LAUNCH_JBOSS_IN_BACKGROUND=1 /home/USER/jboss-eap-6.4.0/bin/standalone.sh

      but it fails with the following errors:
      ERROR [org.picketlink.common] (ServerService Thread Pool – 62) Exception dealing with handler configuration:: org.picketlink.common.exceptions.TrustKeyProcessingException: java.io.IOException: Keystore was tampered with, or password was incorrect
      ...
      ERROR [org.apache.catalina.core] (ServerService Thread Pool – 62) JBWEB001097: Error starting context /overlord-idp: LifecycleException: java.io.IOException: Keystore was tampered with, or password was incorrect
      ...
      ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool – 62) MSC000001: Failed to start service jboss.web.deployment.default-host./overlord-idp: org.jboss.msc.service.StartException in service jboss.web.deployment.default-host./overlord-idp: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context

      Show
      1. Installed JBoss EAP 6.4: $> java -jar ~/software/jboss-eap-6.4.0-installer.jar with the following setup: Select the installation path: /home/USER/jboss-eap-6.4.0 Select the packs you want to install: All Admin username: admin Admin password: secret-123 Would you like to install quickstarts? No Select Port Configuration: Use the default port bindings for standalone and domain modes Enable pure IPv6 configuration: No Choose server startup mode: Don't start the server Configure the logging levels for Red Hat JBoss Enterprise Application Platform? No Configure runtime environment: Perform advanced configuration Install password vault: Yes Enable SSL security: No Enable LDAP authentication: No Install Infinispan Cache: No Add a security-domain: No Install JDBC Driver: Yes Install Datasource: No Configure password vault Vault alias: vault Salt (8-chars): 8675309K Iteration count: 44 Vault keystore password: secret123 New Keystore location: /home/USER/jboss-eap-6.4.0/vault.keystore Encrypted file directory: /home/USER/jboss-eap-6.4.0/vault 2. Installed S-RAMP using installer: $> cd jboss-eap-6.4.0 $> java -jar ~/software/sramp-installer-6.2.1.GA-redhat-1.jar output showed no errors: Skip already existing patch file: fuse-patch-distro-wildfly-1.6.2.zip Copy to repository: sramp-distro-6.2.1.GA-redhat-1.zip Run command: java -Djboss.home=. -Dlogging.configuration= file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --add file:fusepatch/repository/fuse-patch-distro-wildfly-1.6.2.zip Repository already contains fuse-patch-distro-wildfly-1.6.2 Run command: java -Djboss.home=. -Dlogging.configuration= file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --add file:fusepatch/repository/sramp-distro-6.2.1.GA-redhat-1.zip Added sramp-distro-6.2.1.GA-redhat-1 Run command: java -Djboss.home=. -Dlogging.configuration= file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --update fuse-patch-distro-wildfly Patch fuse-patch-distro-wildfly-1.6.2 has already been applied Run command: java -Djboss.home=. -Dlogging.configuration= file:bin/fusepatch-logging.properties -jar jboss-modules.jar -mp modules org.wildfly.extras.patch --update sramp-distro Installed sramp-distro-6.2.1.GA-redhat-1 Run command: java -Djboss.home=. -jar jboss-modules.jar -mp modules org.wildfly.extras.config --configs sramp --enable Processing config for: sramp Writing 'layers=artificer,soa,fuse' to: ./modules/layers.conf Enable sramp configuration in: ./standalone/configuration/standalone.xml Enable sramp configuration in: ./standalone/configuration/standalone-full.xml Enable sramp configuration in: ./standalone/configuration/standalone-full-ha.xml Enable sramp configuration in: ./standalone/configuration/standalone-ha.xml Enable sramp configuration in: ./domain/configuration/domain.xml 3. Executed "install-artificer.sh" script to create all required keystore files: $> cd jboss-eap-6.4.0 $> ./scripts/artificer/install-artificer.sh output showed no errors: Please enter a password for the Overlord 'admin' user: Please re-enter the password: Please enter a password for the EJB/JMS 'artificer' user: Please re-enter the password: BUILD SUCCESSFUL Total time: 27 seconds 4. Started the EAP server: #> su - USER -c "LAUNCH_JBOSS_IN_BACKGROUND=1 /home/USER/jboss-eap-6.4.0/bin/standalone.sh but it fails with the following errors: ERROR [org.picketlink.common] (ServerService Thread Pool – 62) Exception dealing with handler configuration:: org.picketlink.common.exceptions.TrustKeyProcessingException: java.io.IOException: Keystore was tampered with, or password was incorrect ... ERROR [org.apache.catalina.core] (ServerService Thread Pool – 62) JBWEB001097: Error starting context /overlord-idp: LifecycleException: java.io.IOException: Keystore was tampered with, or password was incorrect ... ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool – 62) MSC000001: Failed to start service jboss.web.deployment.default-host./overlord-idp: org.jboss.msc.service.StartException in service jboss.web.deployment.default-host./overlord-idp: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context

    Description

      Install EAP with the installer and option 'Install password vault: Yes', then install S-Ramp and run the artificer script.
      Starting EAP then fails with the following:

      16:22:12,237 ERROR [org.picketlink.common] (ServerService Thread Pool -- 61) Exception dealing with handler configuration:: org.picketlink.common.exceptions.TrustKeyProcessingException: java.io.IOException: Keystore was tampered with, or password was incorrect
	at org.picketlink.common.DefaultPicketLinkLogger.keyStoreProcessingError(DefaultPicketLinkLogger.java:304)
	at org.picketlink.identity.federation.core.impl.KeyStoreKeyManager.getSigningKeyPair(KeyStoreKeyManager.java:128) [picketlink-federation-2.5.4.SP4-redhat-1.jar:2.5.4.SP4-redhat-1]
	at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.initHandlersChain(AbstractIDPValve.java:1271) [picketlink-jbas7-2.5.4.SP4-redhat-1.jar:2.5.4.SP4-redhat-1]
	at org.picketlink.identity.federation.bindings.tomcat.idp.AbstractIDPValve.startPicketLink(AbstractIDPValve.java:1548) [picketlink-jbas7-2.5.4.SP4-redhat-1.jar:2.5.4.SP4-redhat-1]
	at org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.start(IDPWebBrowserSSOValve.java:93) [picketlink-jbas7-2.5.4.SP4-redhat-1.jar:2.5.4.SP4-redhat-1]
	at org.apache.catalina.core.StandardPipeline.start(StandardPipeline.java:223) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardContext.start(StandardContext.java:3716) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:163) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
	at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:61) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
	at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:96) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [rt.jar:1.8.0_60]
	at java.util.concurrent.FutureTask.run(FutureTask.java:266) [rt.jar:1.8.0_60]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_60]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_60]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_60]
	at org.jboss.threads.JBossThread.run(JBossThread.java:122)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-mputz Martin Weiler (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: