Details
-
Bug
-
Resolution: Done
-
Critical
-
7.4.1.GA
-
None
Description
Latest release of JBoss EAP 7.4.1 isn't able to use recently released OpenSSL 3.0.0 libraries with its wildfly-openssl project.
One can see the following error during the server startup/reload operation when OpenSSL 3.0.0 build is used:
00:24:52,701 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-7) WFLYDS0013: Started FileSystemDeploymentService for directory /tmp/repro/jboss-eap-7.4/standalone/deployments 00:24:52,712 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service at org.jboss.as.domain-management@15.0.4.Final-redhat-00001//org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:116) at org.jboss.msc@1.4.12.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc@1.4.12.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) at org.jboss.msc@1.4.12.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads@2.4.0.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi) at java.base/java.security.Provider$Service.newInstance(Provider.java:1901) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236) at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164) at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:168) at org.jboss.as.domain-management@15.0.4.Final-redhat-00001//org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:105) ... 8 more Caused by: java.lang.RuntimeException: java.lang.reflect.InvocationTargetException at org.wildfly.openssl@2.1.3.Final-redhat-00001//org.wildfly.openssl.SSL.init(SSL.java:87) at org.wildfly.openssl@2.1.3.Final-redhat-00001//org.wildfly.openssl.OpenSSLContextSPI.<init>(OpenSSLContextSPI.java:137) at org.wildfly.openssl@2.1.3.Final-redhat-00001//org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi.<init>(OpenSSLContextSPI.java:448) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490) at java.base/java.security.Provider.newInstanceUtil(Provider.java:154) at java.base/java.security.Provider$Service.newInstance(Provider.java:1894) ... 12 more Caused by: java.lang.reflect.InvocationTargetException at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.wildfly.openssl@2.1.3.Final-redhat-00001//org.wildfly.openssl.SSL.init(SSL.java:82) ... 20 more Caused by: java.lang.UnsatisfiedLinkError: no wfssl in java.library.path: [/usr/java/packages/lib, /usr/lib64, /lib64, /lib, /usr/lib] at java.base/java.lang.ClassLoader.loadLibrary(ClassLoader.java:2670) at java.base/java.lang.Runtime.loadLibrary0(Runtime.java:830) at java.base/java.lang.System.loadLibrary(System.java:1873) at org.wildfly.openssl.SSL$LibraryLoader.load(SSL.java:288) ... 25 more 00:24:52,733 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ ("core-service" => "management"), ("security-realm" => "ApplicationRealm") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context" => "WFLYDM0018: Unable to start service Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: openssl.TLS, provider: openssl, class: org.wildfly.openssl.OpenSSLContextSPI$OpenSSLTLSContextSpi) Caused by: java.lang.RuntimeException: java.lang.reflect.InvocationTargetException Caused by: java.lang.reflect.InvocationTargetException Caused by: java.lang.UnsatisfiedLinkError: no wfssl in java.library.path: [/usr/java/packages/lib, /usr/lib64, /lib64, /lib, /usr/lib]"}}
See Steps to Reproduce for more info.
It looks that OpenSSL 3.0.0 will be part of the RHEL9 release. To be able to certify JBoss EAP 7.4.x stream against RHEL9, we need to support that version of OpenSSL in EAP too.
Attachments
Issue Links
- clones
-
-
- Verified
-
-
-
- Closed
-
- is caused by
-
WFSSL-80 Add support for openssl 3.0.0
-
- Resolved
-
- is incorporated by
-
JBEAP-22911 (7.4.z) Upgrade OpenSSL from 2.1.3.Final-redhat-00001 to 2.2.0.Final-redhat-00001
-
- Closed
-
-
-
- Closed
-
