Bug 1013010 - Seeding SRAMP fails if SSL enabled in post process installation
Summary: Seeding SRAMP fails if SSL enabled in post process installation
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Fuse Service Works 6
Classification: JBoss
Component: Installer
Version: 6.0.0 GA
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ER7
: 6.0.0
Assignee: Thomas Hauser
QA Contact: Stefan Bunciak
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-09-27 15:07 UTC by Pavol Srna
Modified: 2014-02-06 15:29 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Embargoed:

Attachments (Terms of Use)
screenshot (66.51 KB, image/png)
2013-09-27 15:08 UTC, Pavol Srna 		no flags Details
View All

Description Pavol Srna 2013-09-27 15:07:29 UTC 
Description of problem:

Please see screenshot attached.




How reproducible:


Steps to Reproduce:
1. leave all defaults
2. enable SSL in post processing configuration and fill in necessary fields for keystore 
3. hit on next .. (it fails on the processing page)
Comment 1 Pavol Srna 2013-09-27 15:08:01 UTC 
Created attachment 803999 [details]
screenshot
Comment 3 Francisco Canas 2013-09-27 19:22:06 UTC 
We are unable to reproduce this issue with either ER3 or latest dev jars.
Can you give us a few more details?
Are you using a valid keystore file, and is it brand new? 
Which exact installer version are you using currently?
JDK version and OS?

thanks.
Comment 4 Pavol Srna 2013-09-30 08:54:34 UTC 
I used a self signed certificate.

Here are my steps:

A) Creating the keystore and private key:

a1) `keytool -genkey -alias jboss -keypass pass123 -keyalg RSA -keystore server.keystore` ... server.keystore is generated.

a2) `keytool -list -keystore server.keystore` ... You should see the PrivateKeyEntry named jboss in the listing.



B) Generating and storing the certificate.

b1) `keytool -export -alias jboss -keypass pass123 -file server.crt -keystore server.keystore`  ... server.crt is generated.

b2) `keytool -import -alias jbosscert -keypass pass123 -file server.crt -keystore server.keystore` ... You receive a warning that it already exists in the keystore.  Ignore it.  It is because Java expects separate keystore and trustore files and we are using only one.

b3) `keytool -list -keystore server.keystore` ... You should see a TrustedCertEntry named jbosscert in the listing.


Then I used the generated keystore file in the installer.

I used ER3 installer (jboss-eap-6.0.0.fsw.ci-installer.jar) 
uname -a: 

Linux psrna-ThinkPad-T430s 3.5.0-40-generic #62~precise1-Ubuntu SMP Fri Aug 23 17:59:10 UTC 2013 i686 i686 i386 GNU/Linux

java:  

java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Server VM (build 24.0-b56, mixed mode)


When I uncheck the s-ramp pack in the installer and install only FSW then there is no exception/error dialog during installation.
Comment 5 Thomas Hauser 2013-09-30 17:59:21 UTC 
Reproduced. The issue is not that the SRAMP repo seeding fails, but that the job that tries to shutdown the server fails due to missing classes relating to the SSL configuration.
Comment 6 Thomas Hauser 2013-09-30 18:02:56 UTC 
I was able to fix this issue (somewhat) by including the jboss-sasl classes in the installer. However, there is a prompt displayed to the user: 
Accept certificate? [N]o, [T]emporarily, [P]ermenantly : T

The installer will hang until an answer is given. It will fail if the "No" answer is given. I will look into automating this selection, at least there is no big CNFE being spit at the user now.
Comment 7 Thomas Hauser 2013-10-21 15:32:57 UTC 
A complete fix for this issue will be in post beta builds. The prompt will not be displayed to the user at all anymore.
Comment 8 Pavol Srna 2013-12-13 13:20:32 UTC 
Verified in ER7.
Note You need to log in before you can comment on or make changes to this bug.