Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-8673

ASYM_ENCRYPT legacy configuration should not attempt to create elytron reference

XMLWordPrintable

      I found that currently, when configuring ASYM_ENCRYPT in legacy way, an elytron key-store reference is always automatically created. That should not happen as people who want to use the legacy security may want to remove the Elytron subsystem entirely. JGroups boot would fail in that case.

      /subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT:add()
/subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT/property=encrypt_entire_message:add(value=true)
/subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT/property=sym_keylength:add(value=512)
/subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT/property=sym_algorithm:add(value=AES/ECB/PKCS5Padding)
/subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT/property=asym_keylength:add(value=512)
/subsystem=jgroups/stack=udp2/protocol=ASYM_ENCRYPT/property=asym_algorithm:add(value=RSA)

      Here, I removed the elytron subsystem and used configuration from JBEAP-8405.

      12:56:22,202 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 18) WFLYCTL0013: Operation ("add") failed - address: ([
    ("subsystem" => "jgroups"),
    ("stack" => "tcp"),
    ("protocol" => "ASYM_ENCRYPT")
]) - failure description: "WFLYCLJG0026: No add operation registered at /subsystem=elytron/key-store=jgroups-tcp"

              pferraro@redhat.com Paul Ferraro
              pferraro@redhat.com Paul Ferraro
              Richard Janik Richard Janik
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: