Uploaded image for project: 'WildFly WIP'
  1. WildFly WIP
  2. WFWIP-226

ASYM_ENCRYPT configuration from S2I build/runtime configuration is wrong

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • OpenShift
    • None

    • KUBERNETES_LABEL=deploymentconfig=jgroups
      JGROUPS_ENCRYPT_PROTOCOL=ASYM_ENCRYPT
      JGROUPS_CLUSTER_PASSWORD=foobar123
      KUBERNETES_NAMESPACE=mjurc-namespace
      JGROUPS_PING_PROTOCOL=kubernetes.KUBE_PING

      Deployment of application fails on runtime configured by S2I mechanisms with new Galleon image with the following message:

      13:10:50,722 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 81) MSC000001: Failed to start service org.wildfly.clustering.jgroups.channel.ee: org.jboss.msc.service.StartException in service org.wildfly.clustering.jgroups.channel.ee: java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
	at org.wildfly.clustering.service@7.3.0.CD18-redhat-SNAPSHOT//org.wildfly.clustering.service.FunctionalService.start(FunctionalService.java:70)
	at org.wildfly.clustering.service@7.3.0.CD18-redhat-SNAPSHOT//org.wildfly.clustering.service.AsyncServiceConfigurator$AsyncService.lambda$start$0(AsyncServiceConfigurator.java:117)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
	at java.base/java.lang.Thread.run(Thread.java:834)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.JBossThread.run(JBossThread.java:485)
Caused by: java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
	at org.jboss.as.clustering.jgroups@7.3.0.CD18-redhat-SNAPSHOT//org.jboss.as.clustering.jgroups.subsystem.ChannelServiceConfigurator.get(ChannelServiceConfigurator.java:116)
	at org.jboss.as.clustering.jgroups@7.3.0.CD18-redhat-SNAPSHOT//org.jboss.as.clustering.jgroups.subsystem.ChannelServiceConfigurator.get(ChannelServiceConfigurator.java:58)
	at org.wildfly.clustering.service@7.3.0.CD18-redhat-SNAPSHOT//org.wildfly.clustering.service.FunctionalService.start(FunctionalService.java:67)
	... 7 more
Caused by: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
	at java.base/java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:236)
	at org.jgroups@4.1.4.Final//org.jgroups.protocols.ASYM_ENCRYPT.initKeyPair(ASYM_ENCRYPT.java:507)
	at org.jgroups@4.1.4.Final//org.jgroups.protocols.ASYM_ENCRYPT.init(ASYM_ENCRYPT.java:105)
	at org.jgroups@4.1.4.Final//org.jgroups.stack.ProtocolStack.initProtocolStack(ProtocolStack.java:861)
	at org.jgroups@4.1.4.Final//org.jgroups.stack.ProtocolStack.init(ProtocolStack.java:849)
	at org.jgroups@4.1.4.Final//org.jgroups.JChannel.<init>(JChannel.java:155)
	at org.jboss.as.clustering.jgroups@7.3.0.CD18-redhat-SNAPSHOT//org.jboss.as.clustering.jgroups.JChannelFactory.createChannel(JChannelFactory.java:116)
	at org.jboss.as.clustering.jgroups@7.3.0.CD18-redhat-SNAPSHOT//org.jboss.as.clustering.jgroups.subsystem.ChannelServiceConfigurator.get(ChannelServiceConfigurator.java:96)
	... 9 more
13:10:51,021 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 81) WFLYMSGAMQ0002: Bound messaging object to jndi name java:jboss/exported/jms/RemoteConnectionFactory
13:10:51,043 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 83) WFLYMSGAMQ0002: Bound messaging object to jndi name java:/ConnectionFactory
13:10:51,108 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-1) WFLYJCA0007: Registered connection factory java:/JmsXA
13:10:51,269 INFO  [org.apache.activemq.artemis.ra] (MSC service thread 1-1) AMQ151007: Resource adaptor started
13:10:51,269 INFO  [org.jboss.as.connector.services.resourceadapters.ResourceAdapterActivatorService$ResourceAdapterActivator] (MSC service thread 1-1) IJ020002: Deployed: file://RaActivatoractivemq-ra
13:10:51,271 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-1) WFLYJCA0002: Bound JCA ConnectionFactory [java:/JmsXA]
13:10:51,271 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-1) WFLYJCA0118: Binding connection factory named java:/JmsXA to alias java:jboss/DefaultJMSConnectionFactory
13:10:51,440 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
    ("subsystem" => "jgroups"),
    ("channel" => "ee")
]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.clustering.jgroups.channel.ee" => "java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
    Caused by: java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
    Caused by: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available"}}
13:10:51,455 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 45) WFLYSRV0010: Deployed "ROOT.war" (runtime-name : "ROOT.war")
13:10:51,458 INFO  [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report
WFLYCTL0186:   Services which failed to start:      service org.wildfly.clustering.jgroups.channel.ee: java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: true KeyPairGenerator not available
WFLYCTL0448: 38 additional services are down due to their dependencies being missing or failed
13:10:51,569 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
13:10:51,579 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://0.0.0.0:9990/management
13:10:51,579 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
13:10:51,579 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: JBoss EAP CD 7.3.0.CD18 (WildFly Core 10.0.1.Final-redhat-SNAPSHOT) started (with errors) in 9553ms - Started 476 of 835 services (35 services failed or missing dependencies, 541 services are lazy, passive or on-demand)
ERROR *** JBossAS wrapper process (1) received TERM signal ***

      The same deployment with same deployment config will not fail with previous images.

      There's an actual difference in outputted JGroups configuration:

      7.3.0.Beta
                  <protocol type="ASYM_ENCRYPT">
                <property name="sym_keylength">128</property>
                <property name="sym_algorithm">AES/ECB/PKCS5Padding</property>
                <property name="asym_keylength">512</property>
                <property name="asym_algorithm">RSA</property>
                <property name="change_key_on_leave">true</property>
            </protocol>
      New image
                  <protocol type="org.jgroups.protocols.ASYM_ENCRYPT">
                <property name="sym_keylength">128</property>
                <property name="sym_algorithm">AES/ECB/PKCS5Padding</property>
                <property name="asym_keylength">512</property>
                <property name="asym_algorithm">true</property>
            </protocol>

              yborgess1@redhat.com Yeray Borges Santana
              mjurc@redhat.com Michal Jurc
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: