Red Hat Bugzilla – Bug 1013010
Seeding SRAMP fails if SSL enabled in post process installation
Last modified: 2014-02-06 10:29:03 EST
Description of problem:
Please see screenshot attached.
Steps to Reproduce:
1. leave all defaults
2. enable SSL in post processing configuration and fill in necessary fields for keystore
3. hit on next .. (it fails on the processing page)
Created attachment 803999 [details]
We are unable to reproduce this issue with either ER3 or latest dev jars.
Can you give us a few more details?
Are you using a valid keystore file, and is it brand new?
Which exact installer version are you using currently?
JDK version and OS?
I used a self signed certificate.
Here are my steps:
A) Creating the keystore and private key:
a1) `keytool -genkey -alias jboss -keypass pass123 -keyalg RSA -keystore server.keystore` ... server.keystore is generated.
a2) `keytool -list -keystore server.keystore` ... You should see the PrivateKeyEntry named jboss in the listing.
B) Generating and storing the certificate.
b1) `keytool -export -alias jboss -keypass pass123 -file server.crt -keystore server.keystore` ... server.crt is generated.
b2) `keytool -import -alias jbosscert -keypass pass123 -file server.crt -keystore server.keystore` ... You receive a warning that it already exists in the keystore. Ignore it. It is because Java expects separate keystore and trustore files and we are using only one.
b3) `keytool -list -keystore server.keystore` ... You should see a TrustedCertEntry named jbosscert in the listing.
Then I used the generated keystore file in the installer.
I used ER3 installer (jboss-eap-6.0.0.fsw.ci-installer.jar)
Linux psrna-ThinkPad-T430s 3.5.0-40-generic #62~precise1-Ubuntu SMP Fri Aug 23 17:59:10 UTC 2013 i686 i686 i386 GNU/Linux
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Server VM (build 24.0-b56, mixed mode)
When I uncheck the s-ramp pack in the installer and install only FSW then there is no exception/error dialog during installation.
Reproduced. The issue is not that the SRAMP repo seeding fails, but that the job that tries to shutdown the server fails due to missing classes relating to the SSL configuration.
I was able to fix this issue (somewhat) by including the jboss-sasl classes in the installer. However, there is a prompt displayed to the user:
Accept certificate? [N]o, [T]emporarily, [P]ermenantly : T
The installer will hang until an answer is given. It will fail if the "No" answer is given. I will look into automating this selection, at least there is no big CNFE being spit at the user now.
A complete fix for this issue will be in post beta builds. The prompt will not be displayed to the user at all anymore.
Verified in ER7.