Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9006

Encrypt-protocol can not be used without Elytron

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.1.0.DR16
    • 7.1.0.DR12, 7.1.0.DR15, 7.1.0.DR16
    • Clustering

      The reason this has been flagged as a Beta blocker is that in conjunction with JBEAP-9867, we can't configure encrypt protocols. This also blocks an RFE - EAP7-561.

      When we tried to configure UDP stack in JGroups subsystem, we added ASYM_ENCRYPT protocol. According to the model definition attributes "key-store" and "key-alias" together with "credential-reference" child element had to be defined as well. Due to this configuration server failed to start with errors:

      ERROR [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0362: Capabilities required by resource '/subsystem=jgroups/stack=udp/protocol=ASYM_ENCRYPT' are not available:
          org.wildfly.security.key-store.server.keystore; There are no known registration points which can provide this capability.
      FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
      

      We should still be able to define original protocol behaviour without Elytron, but it seems we can not use encrypt-protocol without keystore definition in Elytron which could be a backward compatibility issue.

      Used configuration in standalone-ha.xml is attached.

              pferraro@redhat.com Paul Ferraro
              dcihak@redhat.com Daniel Cihak
              Richard Janik Richard Janik
              Richard Janik Richard Janik
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: