Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-13586

(7.1.z) Credential store type PKCS12 works fine when using OracleJDK and OpenJDK but doesn't work using IBM JDK.

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Won't Fix
    • 7.1.0.CR3
    • None
    • Security
    • None
    • Hide
      • /subsystem=elytron/credential-store=cs001:add(create=true, location=cs001.pkcs12, relative-to=jboss.server.data.dir, implementation-properties={keyStoreType=PKCS12},credential-reference={clear-text=pass123})
      • /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret)

        Then it is enough call same CLI command again (tou can call remove-alias, ..)

      • /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret)
        {
            "outcome" => "failed",
            "result" => undefined,
            "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available'",
            "rolled-back" => true
        }
        

        We expects here message about Alias already exists in the store

      Show
      /subsystem=elytron/credential-store=cs001:add(create= true , location=cs001.pkcs12, relative-to=jboss.server.data.dir, implementation-properties={keyStoreType=PKCS12},credential-reference={clear-text=pass123}) /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret) Then it is enough call same CLI command again (tou can call remove-alias, ..) /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret) { "outcome" => "failed" , "result" => undefined, "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available' " , "rolled-back" => true } We expects here message about Alias already exists in the store
    • Workaround Exists

    Description

      Credential store type PKCS12 works fine when using OracleJDK and OpenJDK.
      Problem occurs when we use IBM JDK, add-alias works fine for first time, but for add-alias for second time with same alias name we expect message about duplicity rather than current error message about SecretKeyFactory not availability.

      "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available'",
      

      NOTE
      I met same problem with Oracle JDK 1.8 u66, with u144 is everythink ok.

      Attachments

        Issue Links

          Activity

            People

              rhn-support-iweiss Ingo Weiss
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: