-
Bug
-
Resolution: Done
-
Blocker
-
7.4.1.GA
-
None
-
False
-
False
-
-
-
-
-
-
Rejected
-
-
Latest release of WildFly 24.0.1 isn't able to use recently released OpenSSL 3.0.0 libraries with its wildfly-openssl project.
One can see the following error during the server startup/reload operation when OpenSSL 3.0.0 build is used:
10:54:01,843 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-7) WFLYDS0013: Started FileSystemDeploymentService for directory /tmp/openssl-check/wildfly-24.0.1.Final/standalone/deployments 10:54:01,852 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service at org.jboss.as.domain-management@16.0.1.Final//org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:116) at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi) at java.base/java.security.Provider$Service.newInstance(Provider.java:1901) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164) at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:168) at org.jboss.as.domain-management@16.0.1.Final//org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:105) ... 8 more Caused by: java.lang.IllegalStateException: Could not load required symbol from libssl: SSL_get_peer_certificate at org.wildfly.openssl@2.1.4.Final//org.wildfly.openssl.SSLImpl.initialize0(Native Method) at org.wildfly.openssl@2.1.4.Final//org.wildfly.openssl.SSLImpl.initialize(SSLImpl.java:33) at org.wildfly.openssl@2.1.4.Final//org.wildfly.openssl.SSL.init(SSL.java:194) at org.wildfly.openssl@2.1.4.Final//org.wildfly.openssl.OpenSSLContextSPI.<init>(OpenSSLContextSPI.java:137) at org.wildfly.openssl@2.1.4.Final//org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi.<init>(OpenSSLContextSPI.java:448) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490) at java.base/java.security.Provider.newInstanceUtil(Provider.java:154) at java.base/java.security.Provider$Service.newInstance(Provider.java:1894) ... 12 more 10:54:01,923 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ ("core-service" => "management"), ("security-realm" => "ApplicationRealm") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context" => "WFLYDM0018: Unable to start service Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi) Caused by: java.lang.IllegalStateException: Could not load required symbol from libssl: SSL_get_peer_certificate"}} 10:54:01,929 INFO [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report WFLYCTL0186: Services which failed to start: service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service WFLYCTL0448: 2 additional services are down due to their dependencies being missing or failed 10:54:01,958 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server 10:54:01,959 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: WildFly Full 24.0.1.Final (WildFly Core 16.0.1.Final) started (with errors) in 2494ms - Started 309 of 556 services (6 services failed or missing dependencies, 344 services are lazy, passive or on-demand)
See Steps to Reproduce for more info.
I know that WildFly 24.0.1 was released before the OpenSSL 3.0.0 was out so this may be expected. It would be nice to have this fixed in some of the upcoming WildFly releases though.
- clones
-
WFLY-15274 Make WildFly able to use latest OpenSSL 3.0.0 libraries
- Closed
- is caused by
-
SSLNTV-13 Add support for openssl 3.0.0
- Resolved
-
WFSSL-80 Add support for openssl 3.0.0
- Resolved
- is cloned by
-
JBEAP-22563 (7.4.z) WFLY-15274 - Make JBoss EAP able to use latest OpenSSL 3.0.0 libraries
- Closed