1026418 – Command passed as argument is not executed while accepting SSL certificate.

Bug 1026418 - Command passed as argument is not executed while accepting SSL certificate.

Summary: Command passed as argument is not executed while accepting SSL certificate.

Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	CLI
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	DR6
Target Release:	EAP 6.3.0
Assignee:	Darran Lofthouse
QA Contact:	Petr Kremensky
Docs Contact:	Russell Dickenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-11-04 15:30 UTC by Petr Kremensky
Modified:	2014-06-28 15:28 UTC (History)
CC List:	4 users (show)
Doc Type:
Doc Text:	(edit) When starting the JBoss EAP 6 CLI with a command being passed as an argument, if that server prompted the user to accept a server certificate, it logged that prompt as an error. This resulted in any command passed as an argument being skipped, as those commands are only executed if no errors have occurred. This issue was fixed by outputting the certificate acceptance prompt as normal output instead of as an error. As a result, a command as an argument when starting the CLI is successfully executed after the user has accepted the server's certificate. When starting the JBoss EAP 6 CLI with a command being passed as an argument, if that server prompted the user to accept a server certificate, it logged that prompt as an error. This resulted in any command passed as an argument being skipped, as those commands are only executed if no errors have occurred. This issue was fixed by outputting the certificate acceptance prompt as normal output instead of as an error. As a result, a command as an argument when starting the CLI is successfully executed after the user has accepted the server's certificate.
Clone Of:
Environment:	(edit)
Last Closed:	2014-06-28 15:28:09 UTC
Type:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
JBoss Issue Tracker	WFLY-2538	Major	Closed	Certificate acceptance causing command entered on starting the CLI to be skipped.	2018-08-14 13:49 UTC
JBoss Issue Tracker	WFLY-2950	Major	Closed	jboss-cli using https-remoting: command not executed if certificate is unrecognised	2018-08-14 13:49 UTC

Description Petr Kremensky 2013-11-04 15:30:41 UTC

Description of problem:
 Command passed as arguments to CLI is not executed once I choose to accept the SSL certificate only temporarily. 

Version-Release number of selected component (if applicable):
 EAP 6.2.0.ER7

How reproducible:
 Always

Steps to Reproduce:
 0. Navigate to JBOSS_HOME/bin.
 1. Create SSL certificate like: 
keytool -genkeypair -alias alias -keyalg RSA -keystore ssl-test.keystore -storepass password --dname "CN=jboss,OU=Engineering,O=redhat.com,L=Brno,C=CZ"
 2. Start standalone server.
 3. Secure ManagementRealm with SSL: 
./jboss-cli.sh -c command="/core-service=management/security-realm=ManagementRealm/server-identity=ssl:add(keystore-path=ssl-test.keystore,keystore-password="password")"
 4. Restart server
 5. Stop the server using non-interactive CLI mode, accept the certificate only temporarily.
./jboss-cli.sh -c shutdown
Accept certificate? [N]o, [T]emporarily, [P]ermenantly : T

Actual results:
 CLI command is not executed.

Expected results:
 CLI command is executed.

Additional info:
 Even if I accept the certificate permanently the first command is not executed (step 5). After accepting the certificate, one must call the command again to shutdown the server.

Comment 1 Darran Lofthouse 2013-11-19 14:13:04 UTC

Assigning to me as I am currently working on improving the certificate acceptance logic upstream.

Comment 2 JBoss JIRA Server 2013-11-19 19:28:47 UTC

Darran Lofthouse <darran.lofthouse@jboss.com> made a comment on jira WFLY-2538

Additional testing and this does not seem to be restricted to the certificate acceptance prompt, if the user is required to authenticate and provide a username and password the same behaviour is observed.

Comment 3 JBoss JIRA Server 2013-11-19 19:40:49 UTC

Darran Lofthouse <darran.lofthouse@jboss.com> made a comment on jira WFLY-2538

-Additional testing and this does not seem to be restricted to the certificate acceptance prompt, if the user is required to authenticate and provide a username and password the same behaviour is observed.-

Ignore this comment, further testing does appear to be specific to certificate acceptance.

Comment 4 JBoss JIRA Server 2013-11-21 18:00:46 UTC

Darran Lofthouse <darran.lofthouse@jboss.com> updated the status of jira WFLY-2538 to Coding In Progress

Comment 5 Darran Lofthouse 2014-02-11 12:37:24 UTC

Adding devel_ack as the upstream issue is resolved so should be a trivial backport.

Comment 8 Petr Kremensky 2014-03-31 07:06:30 UTC

Verified on EAP 6.3.0.DR6.

Note You need to log in before you can comment on or make changes to this bug.