Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-4412

jboss-cli.bat: Setting keystore-path in a new security-realm interprets \ (backslash) in Windows paths

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: 7.0.0.CR2, 7.1.0.DR4
    • Fix Version/s: None
    • Component/s: CLI
    • Labels:
      None
    • Target Release:
    • Affects:
      Release Notes
    • Release Notes Docs Status:
      Not Yet Documented
    • Release Notes Text:
      Known issue

      Description

      [standalone@localhost:9990 /] /core-service=management/security-realm=JBossTestClient/authentication=truststore:add(keystore-path="C:\qa\hudson_workspace\noe-tests\resources\ssl\proper\ca-cert.jks", keystore-password="tomcat")
      {
          "outcome" => "success",
          "response-headers" => {
              "operation-requires-reload" => true,
              "process-state" => "reload-required"
          }
      }
      

      results in erroneous:

      <security-realm name="JBossTestClient">
          <server-identities>
              <ssl protocol="TLSv1">
                  <engine enabled-cipher-suites="TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"/>
                  <keystore provider="JKS" path="C:qahudson_workspace&#xa;oe-tests&#xd;esourcessslproperclient-cert-key.jks" keystore-password="tomcat" alias="javaclient"/>
              </ssl>
          </server-identities>
          <authentication>
              <truststore path="C:qahudson_workspace&#xa;oe-tests&#xd;esourcessslproperca-cert.jks" keystore-password="tomcat"/>
          </authentication>
      </security-realm>
      

      whereas:

      [standalone@localhost:9990 /] /core-service=management/security-realm=JBossTestClient/authentication=truststore:add(keystore-path="C:/qa/hudson_workspace/noe-tests/resources/ssl/proper/ca-cert.jks", keystore-password="tomcat")
      {
          "outcome" => "success",
          "response-headers" => {
              "operation-requires-reload" => true,
              "process-state" => "reload-required"
          }
      }
      

      is processed correctly:

                  <security-realm name="JBossTestClient">
                      <authentication>
                          <truststore path="C:/qa/hudson_workspace/noe-tests/resources/ssl/proper/ca-cert.jks" keystore-password="tomcat"/>
                      </authentication>
                  </security-realm>
      

      For a reference, mod_cluster subsystem processes the backslashes from CLI without a hiccup:

      <subsystem xmlns="urn:jboss:domain:modcluster:2.0">
      <mod-cluster-config advertise-socket="modcluster" connector="https">
      <dynamic-load-provider>
      <load-metric type="cpu"/>
      </dynamic-load-provider>
      <ssl key-alias="javaclient" password="tomcat" certificate-key-file="C:\qa\hudson_workspace\noe-tests\resources\ssl\proper\client-cert-key.jks" cipher-suite="TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV" protocol="TLSv1" ca-certificate-file="C:\qa\hudson_workspace\noe-tests\resources\ssl\proper\ca-cert.jks"/>
      </mod-cluster-config>
      </subsystem>
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  jdenise Jean Francois Denise
                  Reporter:
                  mbabacek Michal Karm
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  8 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: