Uploaded image for project: 'JBoss Web Services'
  1. JBoss Web Services
  2. JBWS-4410

Expired certificates used in tests

XMLWordPrintable

      There seems to be a lot of expired certificates used across the testsuite.
      You can list the validity of those (each of them is using either `changeit` or `secret` as password):

      find -type f -name *store | xargs -I{} bash -c "echo {};(keytool -list -v -keystore {} -storepass changeit 2>/dev/null || keytool -list -v -keystore {} -storepass secret 2>/dev/null) | grep 'Valid from:'"

./modules/testsuite/shared-tests/src/test/etc/test.truststore
Valid from: Tue Sep 11 15:14:24 CEST 2012 until: Mon Dec 10 14:14:24 CET 2012
Valid from: Tue Jul 17 17:15:09 CEST 2012 until: Mon Oct 15 17:15:09 CEST 2012
./modules/testsuite/shared-tests/src/test/etc/test.keystore
Valid from: Tue Jul 17 17:15:09 CEST 2012 until: Mon Oct 15 17:15:09 CEST 2012
./modules/testsuite/shared-tests/src/test/etc/client.keystore
Valid from: Tue Sep 11 15:14:24 CEST 2012 until: Mon Dec 10 14:14:24 CET 2012
./modules/testsuite/cxf-tests/src/test/etc/serverTwoWaySSL.truststore
Valid from: Mon Jul 15 17:40:44 CEST 2019 until: Tue Jul 14 17:40:44 CEST 2020
./modules/testsuite/cxf-tests/src/test/etc/serverTwoWaySSL.keystore
Valid from: Fri Aug 02 03:42:27 CEST 2019 until: Wed Aug 02 03:42:27 CEST 2119
./modules/testsuite/cxf-tests/src/test/etc/test.truststore
Valid from: Wed Aug 21 17:45:22 CEST 2013 until: Sat Aug 19 17:45:22 CEST 2023
Valid from: Wed Aug 21 17:44:41 CEST 2013 until: Sat Aug 19 17:44:41 CEST 2023
./modules/testsuite/cxf-tests/src/test/etc/test.keystore
Valid from: Wed Aug 21 17:44:41 CEST 2013 until: Sat Aug 19 17:44:41 CEST 2023
./modules/testsuite/cxf-tests/src/test/etc/client.keystore
Valid from: Wed Aug 21 17:45:22 CEST 2013 until: Sat Aug 19 17:45:22 CEST 2023
./modules/testsuite/cxf-tests/src/test/etc/clientTwoWaySSL.truststore
Valid from: Fri Aug 02 03:42:27 CEST 2019 until: Wed Aug 02 03:42:27 CEST 2119
./modules/testsuite/cxf-tests/src/test/etc/clientTwoWaySSL.keystore
Valid from: Mon Jul 15 17:40:44 CEST 2019 until: Tue Jul 14 17:40:44 CEST 2020
./modules/testsuite/cxf-tests/src/test/etc/client.truststore
Valid from: Mon Aug 05 21:59:10 CEST 2019 until: Tue Aug 04 21:59:10 CEST 2020
Valid from: Wed Aug 21 17:44:41 CEST 2013 until: Sat Aug 19 17:44:41 CEST 2023
./modules/testsuite/cloud-tests/test-feature-pack/src/main/resources/content/standalone/configuration/jbossws/test.keystore
Valid from: Wed Aug 21 17:44:41 CEST 2013 until: Sat Aug 19 17:44:41 CEST 2023

      As you can see almost all of them are expired.

      I don't see any tests to fail because of that but I noticed the exception at server side when server is started: 

      16:31:40 15:31:40,953 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-3) WFLYELY00024: Certificate [tomcat] in KeyStore is not valid: java.security.cert.CertificateExpiredException: NotAfter: Sat Aug 19 15:44:41 UTC 2023
16:31:40 	at java.base/sun.security.x509.CertificateValidity.valid(CertificateValidity.java:277)
16:31:40 	at java.base/sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:675)
16:31:40 	at java.base/sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:648)
16:31:40 	at org.wildfly.extension.elytron@21.0.5.Final-redhat-00001//org.wildfly.extension.elytron.KeyStoreService.checkCertificatesValidity(KeyStoreService.java:230)
16:31:40 	at org.wildfly.extension.elytron@21.0.5.Final-redhat-00001//org.wildfly.extension.elytron.KeyStoreService.start(KeyStoreService.java:192)
16:31:40 	at org.jboss.msc@1.5.1.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1617)
16:31:40 	at org.jboss.msc@1.5.1.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1580)
16:31:40 	at org.jboss.msc@1.5.1.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1438)
16:31:40 	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
16:31:40 	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
16:31:40 	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
16:31:40 	at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363)
16:31:40 	at java.base/java.lang.Thread.run(Thread.java:834

            rhn-support-asoldano Alessio Soldano
            jbliznak@redhat.com Jan Blizňák
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: