Back to bug 1043586
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Eric Rich | 2013-12-16 17:55:28 UTC | Link ID | Red Hat Knowledge Base (Solution) 485623 | |
| Tom WELLS | 2014-02-11 03:45:55 UTC | Keywords | Documentation, Triaged | |
| CC | twells | |||
| Russell Dickenson | 2014-03-06 02:15:46 UTC | Status | NEW | ASSIGNED |
| Assignee | rdickens | lcosti | ||
| Russell Dickenson | 2014-03-06 03:33:05 UTC | CC | jawilson | |
| Flags | needinfo?(jawilson) | |||
| Lucas Costi | 2014-03-06 06:38:29 UTC | Doc Text | If using a keystore, when upgrading a JBoss EAP 6 instance from 6.1.0 or earlier, to 6.1.1 or later, the keystore may be corrupted. As a result, any applications or services which use the keystore, such as SSL, will not work after the upgrade. This issue is caused by a fix for a security issue that is resolved in JBoss EAP 6.1.1 and later. The security fix forces older keystores to be converted from JKS format with an RSA key to JCEKS format with an AES key, and this conversion process may not be successful when upgrading. To workaround this problem, customers can create a new vault and store the attributes there. For more details on this issue and the workaround, refer to this Customer Portal Solution: https://access.redhat.com/support/cases/00998441/ For further details on the original security issue, refer to the Red Hat security advisory for the JBoss EAP 6.1.1 release: https://access.redhat.com/support/cases/00998441/ | |
| Summary | Release Notes for RHSA-2013-1209 | Keystore conversion when upgrading from JBoss EAP 6.1.0 or earlier | ||
| Doc Type | Bug Fix | Known Issue | ||
| Russell Dickenson | 2014-03-11 05:19:23 UTC | Target Release | --- | EAP 6.2.2 |
| FIlip Bogyai | 2014-03-24 15:04:08 UTC | Depends On | 1080045 | |
| Lucas Costi | 2014-03-24 23:08:49 UTC | CC | fbogyai | |
| Lucas Costi | 2014-03-24 23:15:07 UTC | Status | ASSIGNED | MODIFIED |
| Doc Text | If using a keystore, when upgrading a JBoss EAP 6 instance from 6.1.0 or earlier, to 6.1.1 or later, the keystore may be corrupted. As a result, any applications or services which use the keystore, such as SSL, will not work after the upgrade. This issue is caused by a fix for a security issue that is resolved in JBoss EAP 6.1.1 and later. The security fix forces older keystores to be converted from JKS format with an RSA key to JCEKS format with an AES key, and this conversion process may not be successful when upgrading. To workaround this problem, customers can create a new vault and store the attributes there. For more details on this issue and the workaround, refer to this Customer Portal Solution: https://access.redhat.com/support/cases/00998441/ For further details on the original security issue, refer to the Red Hat security advisory for the JBoss EAP 6.1.1 release: https://access.redhat.com/support/cases/00998441/ | If using a vault, when upgrading a JBoss EAP 6 instance from 6.1.0 or earlier, to 6.1.1 or later, the associated vault keystore is converted from JKS to JCEKS format. As a result, any applications or services which use the same keystore, such as SSL, will not work after the upgrade. This issue is caused by a fix for a security issue that is resolved in JBoss EAP 6.1.1 and later. The security fix forces older keystores to be converted from JKS format with an RSA key to JCEKS format with an AES key, and this conversion process may not be successful when upgrading. To workaround this problem, customers can create a new vault and store the attributes there. For more details on this issue and the workaround, refer to this Customer Portal Solution: https://access.redhat.com/support/cases/00998441/ For further details on the original security issue, refer to the Red Hat security advisory for the JBoss EAP 6.1.1 release: https://access.redhat.com/support/cases/00998441/ | ||
| Summary | Keystore conversion when upgrading from JBoss EAP 6.1.0 or earlier | Vault keystore conversion when upgrading from JBoss EAP 6.1.0 or earlier | ||
| Lucas Costi | 2014-03-26 05:53:29 UTC | Status | MODIFIED | ON_QA |
| Target Milestone | --- | GA | ||
| FIlip Bogyai | 2014-03-26 08:45:31 UTC | Status | ON_QA | VERIFIED |
| mark yarborough | 2014-06-02 12:50:40 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | CURRENTRELEASE | ||
| Last Closed | 2014-06-02 08:50:40 UTC | |||
| Tom WELLS | 2014-08-14 15:23:19 UTC | Component | doc-Release_Notes | Documentation |
| Jimmy Wilson | 2014-09-30 08:12:04 UTC | Flags | needinfo?(jawilson) |
Back to bug 1043586