Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-13586

(7.1.z) Credential store type PKCS12 works fine when using OracleJDK and OpenJDK but doesn't work using IBM JDK.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Critical Critical
    • None
    • 7.1.0.CR3
    • Security
    • None
    • Workaround Exists
    • Hide 
      • /subsystem=elytron/credential-store=cs001:add(create=true, location=cs001.pkcs12, relative-to=jboss.server.data.dir, implementation-properties={keyStoreType=PKCS12},credential-reference={clear-text=pass123})
      • /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret)

        Then it is enough call same CLI command again (tou can call remove-alias, ..)

      • /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret)
        {
    "outcome" => "failed",
    "result" => undefined,
    "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available'",
    "rolled-back" => true
}

        We expects here message about Alias already exists in the store

      Show
      /subsystem=elytron/credential-store=cs001:add(create= true , location=cs001.pkcs12, relative-to=jboss.server.data.dir, implementation-properties={keyStoreType=PKCS12},credential-reference={clear-text=pass123}) /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret) Then it is enough call same CLI command again (tou can call remove-alias, ..) /subsystem=elytron/credential-store=cs001:add-alias(alias=alias001, secret-value=alias001secret) { "outcome" => "failed" , "result" => undefined, "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available' " , "rolled-back" => true } We expects here message about Alias already exists in the store

      Credential store type PKCS12 works fine when using OracleJDK and OpenJDK.
      Problem occurs when we use IBM JDK, add-alias works fine for first time, but for add-alias for second time with same alias name we expect message about duplicity rather than current error message about SecretKeyFactory not availability.

      "WFLYCTL0158: Operation handler failed: java.lang.RuntimeException: WFLYELY00009: Unable to complete operation. 'ELY09504: Cannot acquire a credential from the credential store->Get Key failed: 1.2.840.113549.1.7.1 SecretKeyFactory not available->1.2.840.113549.1.7.1 SecretKeyFactory not available'",

      NOTE
      I met same problem with Oracle JDK 1.8 u66, with u144 is everythink ok.

              rhn-support-iweiss Ingo Weiss
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: