Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1087807

Summary: User should be able to use his own keystore during vault configuration
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Petr Kremensky <pkremens>
Component: InstallerAssignee: Francisco Canas <fcanas>
Status: CLOSED CURRENTRELEASE QA Contact: Petr Kremensky <pkremens>
Severity: urgent Docs Contact: Russell Dickenson <rdickens>
Priority: unspecified    
Version: 6.3.0CC: fcanas, thauser
Target Milestone: ER2   
Target Release: EAP 6.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-28 15:41:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Kremensky 2014-04-15 11:15:25 UTC 
Description of problem:
User was able to use his own keystore during vault configuration with EAP 6.2.0 installer. New feature in 6.3.0 allows user to generate a new keystore by installer, but we shouldn't drop support of using an existing keystores (I was told by people from security team, that it's a common practice to use shared keystore from remote location).

Version-Release number of selected component (if applicable):
EAP 6.3.0.ER1

How reproducible:
Always

Steps to Reproduce:
1. Generate a new keystore:
keytool -genkey -alias vault -keystore vault.keystore -keyalg RSA -keysize 1024 -storepass password -keypass password -dname "CN=Installer vault,OU=installer,O=JBoss,L=Brno,C=cz"
2. Start gui installer, go to "Configure runtime environment" screen using default values
3. Select to Perform advanced configuration -> Install password vault
4. Enter password: password
Enter location of created vault.keystore into New keystore location field
5. Finish the installation

Actual results:
Error dialogue will appear saying:
"The location given for the keystore already exists. Please indicate the location for the generated keystore."

Expected results:
Installer will use keystore created by user.

Additional info:
Installer should be able to decide, whether file entered by user is common file (throw error dialogue) or valid keystore (use it).
Comment 1 Francisco Canas 2014-04-16 14:48:44 UTC 
Modified the vault validator and post-installation vault job to allow the user to select a pre-existing keystore. The validator also checks that the supplied credentials are valid for the pre-existing keystore, and that the file itself is a valid keystore.
Comment 2 Petr Kremensky 2014-04-24 14:11:10 UTC 
Verified on EAP 6.3.0.ER2