Details
-
Bug
-
Resolution: Won't Do
-
Minor
-
7.0.6.GA
-
None
-
None
Description
Getting below ERROR message in server.log when Picketbox Vault expressions used in system properties.:
ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0230: Vault is not initialized; resolution of vault expressions is not possible
Below expressions are resolving fine but due to race condition this ERROR message got printed in the logs.
<system-properties>
<property name="javax.net.ssl.trustStore" value="/home/jboss-eap-7.1/vault/vault.keystore"/>
<property name="javax.net.ssl.trustStorePassword" value="${VAULT::datasource::password::1}"/>
</system-properties>
<vault>
<vault-option name="KEYSTORE_URL" value="/home/jboss-eap-7.1/vault/vault.keystore"/>
<vault-option name="KEYSTORE_PASSWORD" value="MASK-2GAtdnlXL8H"/>
<vault-option name="KEYSTORE_ALIAS" value="vault"/>
<vault-option name="SALT" value="12345678"/>
<vault-option name="ITERATION_COUNT" value="44"/>
<vault-option name="ENC_FILE_DIR" value="/home/jboss-eap-7.1/vault/"/>
</vault>
Expression is actually resolving to the correct value and that can be check using below CLI command :
/core-service=platform-mbean/type=runtime:read-attribute(name=system-properties).
Also please note:
(1) this error occurs both for standalone server (standalone*.xml case) and domain mode (domain.xml) and for domain mode the error occurs even when the boot-time system property is set to false
(2) this was tested for EAP 7.0 using CP5, CP6, CP7, CP8 and it works as expected with CP5 but the bug starts in EAP 7.0.6 (CP6).
(3) referring to (2) above it is possible that this bug may have been caused by CP6 vault fix for: https://issues.jboss.org/browse/JBEAP-8247
(4) please note that this bug is carried forward to EAP7.1Beta as per: https://issues.jboss.org/browse/JBEAP-13116
Attachments
Issue Links
- clones
-
-
- Verified
-
