users@glassfish.java.net

Re: Error upgrading config for secure DAS-to-instance admin traffic

From: Tim Quinn <tim.quinn_at_oracle.com>
Date: Wed, 22 Aug 2012 07:04:41 -0500

Christian,

I will try to reproduce this problem here a little later today, but in the meantime have you tried referring to the original 3.1.2 installation in the upgrade using /opt/glassfish-3.1.2 instead of the link? It's not clear that this is the problem, but it would be easy to try (if you have not already done so).

- Tim


On Aug 21, 2012, at 6:34 AM, Christian Affolter wrote:

> Dear GlassFish users
>
> I'm trying to upgrade the GlassFish Server Open Source Edition from
> 3.1.2 to 3.1.2.2 with a side-by-side upgrade path and the help of the
> asupgrade tool, following the upgrade guide (chapter "To Upgrade From
> the Command Line Using Upgrade Tool").
>
> Unfortunately the upgrade fails with the following exception:
> asadmin: SEVERE: Error upgrading config for secure DAS-to-instance admin
> traffic
> asadmin: org.jvnet.hk2.component.ComponentException: injection failed on
> com.sun.enterprise.security.ssl.SSLUtils.secSupp with class
> com.sun.enterprise.server.pluggable.SecuritySupport
>
> [...]
>
> asadmin: Caused by: java.io.IOException: Keystore was tampered with, or
> password was incorrect
>
>
> The old version is located at /opt/glassfish-3.1.2 and symlinked to
> /opt/glassfish, whereas the new version will be located at
> /opt/glassfish-3.1.2.2. The old version uses a site specific master
> password (not the default one).
>
>
> I've used the following steps to upgrade to the new version:
>
> cd /var/tmp
> wget
> http://download.java.net/glassfish/3.1.2.2/release/glassfish-3.1.2.2.zip
> mkdir --mode=755 /opt/glassfish-3.1.2.2
> unzip glassfish-3.1.2.2.zip -d /opt/glassfish-3.1.2.2
>
> rm -rf /opt/glassfish-3.1.2.2/glassfish3/glassfish/domains/domain1
>
> /opt/glassfish-3.1.2.2/glassfish3/glassfish/bin/asupgrade \
> --console \
> --source /opt/glassfish/glassfish3/glassfish/domains/domain1 \
> --target /opt/glassfish-3.1.2.2/glassfish3/glassfish/domains
>
> On the "Enter the master password" prompt I've entered the same master
> password as on the old version, however asadmin doesn't seems to be able
> to access the keystore. I've used copy and paste for entering the master
> password and also verified it on the old version beforehand.
>
> Afterwards I've compared the MD5 sums of the following files on both
> versions, they all match.
> .../domains/domain1/config/keystore.jks
> .../domains/domain1/config/cacerts.jks
> .../domains/domain1/master-password
>
> I was also able to list the content of the keystore and the cacerts with
> help of the keytool and the master password of the old version.
>
>
> Are there any pre-upgrade steps that I've missed or what could be the
> cause of the above error?
>
>
> Please find attached the complete upgrade log file.
>
>
> Thanks a lot in advance for your help.
> Christian
> <upgrade.log>