Bug 1108310

Summary: [GSS] (6.4.0) Improve the ability to use MS Windows keystore for the web servers ssl connector
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Derek Horton <dehort>
Component: WebAssignee: Rémy Maucherat <rmaucher>
Status: CLOSED CURRENTRELEASE QA Contact: Jan Stefl <jstefl>
Severity: unspecified Docs Contact: Russell Dickenson <rdickens>
Priority: unspecified    
Version: 6.4.0CC: bmaxwell, jstefl, rhatlapa, smumford
Target Milestone: ---   
Target Release: EAP 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1108307 Environment:
Last Closed: 2017-02-26 04:52:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1138672    
Bug Blocks: 1108307    

Description Derek Horton 2014-06-11 17:06:50 UTC 
+++ This bug was initially created as a clone of Bug #1108307 +++

Description of problem:
It is possible to configure the web ssl connector to use the Windows certificate keystore (access provided by the SunMSCAPI provider). However, the JSSESocketFactory checks for a keystore file. This check should likely be skipped when the connector is configured to use the Windows keystore.

Here is what the configuration looks like:
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="https" 
key-alias="jbossweb" 
keystore-type="Windows-MY"
protocol="TLSv1"
</connector>

This results in an error like this:
13:54:01,821 ERROR [org.apache.coyote.http11] (MSC service thread 1-5) JBWEB003043: Error initializing endpoint: java.io.FileNotFoundException: C:\Users\imauser\.keystore (The system cannot find the file specified)

You can work around this issue by creating this keystore (C:\Users\imauser\.keystore).

More info on using the Windows keystores can be found here:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunMSCAPI
http://www.oracle.com/technetwork/articles/javase/security-137537.html
Comment 1 JBoss JIRA Server 2014-06-18 16:11:18 UTC 
Emmanuel Hugonnet <ehugonne> updated the status of jira WFLY-3483 to Resolved
Comment 6 Mike McCune 2016-03-28 23:29:09 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions