Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9006

Encrypt-protocol can not be used without Elytron

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 7.1.0.DR16
    • 7.1.0.DR12, 7.1.0.DR15, 7.1.0.DR16
    • Clustering

    Description

      The reason this has been flagged as a Beta blocker is that in conjunction with JBEAP-9867, we can't configure encrypt protocols. This also blocks an RFE - EAP7-561.

      When we tried to configure UDP stack in JGroups subsystem, we added ASYM_ENCRYPT protocol. According to the model definition attributes "key-store" and "key-alias" together with "credential-reference" child element had to be defined as well. Due to this configuration server failed to start with errors:

      ERROR [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0362: Capabilities required by resource '/subsystem=jgroups/stack=udp/protocol=ASYM_ENCRYPT' are not available:
    org.wildfly.security.key-store.server.keystore; There are no known registration points which can provide this capability.
FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.

      We should still be able to define original protocol behaviour without Elytron, but it seems we can not use encrypt-protocol without keystore definition in Elytron which could be a backward compatibility issue.

      Used configuration in standalone-ha.xml is attached.

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-8405 JGRP000225: failed unmarshalling buffer into return value: NPE (ASYM_ENCRYPT + TCP, during server startup)

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-9867 Stack containing encrypt-protocol throws IllegalStateException at runtime

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-8269 Encrypt-protocol can not be used without Elytron

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              pferraro@redhat.com Paul Ferraro
              dcihak@redhat.com Daniel Cihak
              Richard Janik Richard Janik
              Richard Janik Richard Janik
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: