Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-18411

java.io.IOException: Invalid secret key format on JCEKS keystores with JDK8 image and templates

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.3.0.GA
    • 7.3.0.GA.CR1
    • OpenShift
    • None
    • CR2

      When using templates (https-s2i, amq-s2i, amq-persistent-s2i) with 7.3 JDK8 image EAP pod doesn't start due to error:

      ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
    ("subsystem" => "elytron"),
    ("key-store" => "jgroups.jceks")
]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.key-store.\"jgroups.jceks\"" => "WFLYELY00004: Unable to start the service.
Caused by: java.io.IOException: Invalid secret key format"}}

      The issue seems to be a regression of CLOUD-2501 and MODULES-363.

      Package `com.sun.crypto.provider` is missing from JAVA_OPTS in 7.3:
      7.3 Beta JAVA_OPTS contain:
      -Djboss.modules.system.pkgs=org.jboss.logmanager,jdk.nashorn.api,com.sun.crypto.provider

      7.3 only has:
      -Djboss.modules.system.pkgs=org.jboss.logmanager,jdk.nashorn.api

      Setting as blocker because it is a regression against 7.3.Beta. This issue doesn't exist in CD18 because CD is JDK11 only and this only affects JDK8 image.

              jmesnil1@redhat.com Jeff Mesnil
              nziakova@redhat.com Nikoleta Ziakova (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: