users@glassfish.java.net

Problem with keystore

From: <glassfish_at_javadesktop.org>
Date: Mon, 15 Feb 2010 03:21:42 PST

Hi,

I'm trying to install a certificate in config/keystore.jks and the admin console doesn't work anymore. If you suppress the certificate, all is ok...
Does anyone can help me ?

You can reproduce the problem by a fresh glassfish installation and a generation of certificate by keytool
>keytool -genkey -dname 'cn=TEST,ou=test,o=FR' -keystore keystore.jks -alias serveurws -keypass alsochangeit -validity 180 -storepass changeit -keyalg RSA

Verifying the certificate
>keytool -list -keystore keystore.jks -storepass changeit

Type Keystore : JKS
Fournisseur Keystore : SUN

Votre Keystore contient 2 entree(s)

s1as, 3 dec. 2009, PrivateKeyEntry,
Empreinte du certificat (MD5) : BE:B0:43:EC:4E:1D:70:97:BC:E6:ED:77:D0:6C:74:D4
serveurws, 15 fevr. 2010, PrivateKeyEntry,
Empreinte du certificat (MD5) : 13:3A:C6:FB:4C:64:7E:8D:1A:40:78:51:E3:0E:4D:FB

Deleting the certificate
>keytool -delete -keystore keystore.jks -alias serveurws

The error log is
[#|2010-02-15T12:04:48.194+0100|SEVERE|glassfishv3.0|javax.enterprise.system.core.com.sun.enterprise.v3.server|_ThreadID=25;_ThreadName=Thread-1;|Exception while deploying the app
org.jvnet.hk2.component.ComponentException: Injection failed on private com.sun.enterprise.security.ssl.SSLUtils com.sun.enterprise.security.SecurityLifecycle.sslUtils
        at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:107)
        at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:170)
        at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:87)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:84)
        at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:77)
        at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
        at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
        at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
        at com.sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java:105)
        at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:99)
        at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:703)
        at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:451)
        at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:262)
        at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:340)
        at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:292)
        at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
Caused by: java.lang.IllegalStateException: java.security.UnrecoverableKeyException: Cannot recover key
        at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:135)
        at com.sun.hk2.component.AbstractWombImpl.inject(AbstractWombImpl.java:174)
        at com.sun.hk2.component.ConstructorWomb$1.run(ConstructorWomb.java:87)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.hk2.component.ConstructorWomb.initialize(ConstructorWomb.java:84)
        at com.sun.hk2.component.AbstractWombImpl.get(AbstractWombImpl.java:77)
        at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:58)
        at com.sun.hk2.component.LazyInhabitant.get(LazyInhabitant.java:107)
        at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:60)
        at org.jvnet.hk2.component.Habitat.getBy(Habitat.java:600)
        at org.jvnet.hk2.component.Habitat.getByType(Habitat.java:581)
        at com.sun.hk2.component.AbstractWombImpl$1.getValue(AbstractWombImpl.java:149)
        at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:81)
        ... 16 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
        at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
        at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
        at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
        at java.security.KeyStore.getKey(KeyStore.java:763)
        at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
        at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
        at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
        at com.sun.enterprise.security.ssl.SSLUtils.initKeyManagers(SSLUtils.java:336)
        at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:113)
        ... 28 more
|#]

[#|2010-02-15T12:04:48.470+0100|SEVERE|glassfishv3.0|null|_ThreadID=25;_ThreadName=Thread-1;|Exception while deploying the app : org.jvnet.hk2.component.ComponentException: Injection failed on private com.sun.enterprise.security.ssl.SSLUtils com.sun.enterprise.security.SecurityLifecycle.sslUtils|#]
[Message sent by forum member 'flcfrenchy' (flc_at_neuf.fr)]

http://forums.java.net/jive/thread.jspa?messageID=386740