users@glassfish.java.net

[gf-users] Re: Issues with GF 4.x and Signed Certificates

From: Will Hartung <willh_at_mirthcorp.com>
Date: Thu, 30 Apr 2015 13:45:38 -0700

You didn't accidentally assign a password specifically to the key did you?

That's just a guess, mind.

On Thu, Apr 30, 2015 at 12:17 PM, MUNDT, CHRISTOPHER J CTR USAF AFMC
AFLCMC/HBAW-OL <christopher.mundt.ctr_at_us.af.mil> wrote:
> All,
>
> Has anyone else tried installing Signed Certificates into either GF 4.0 or GF 4.1? I am trying to implement new signed certificates into Glassfish but every time I import the Certificate into the keystore.jks and restart Glassfish I get an error.
>
> I haven't even adjusted any of the listeners to use the cert yet, I have just imported it into the keystore. I have also placed the necessary CAs in the cacerts.jks file.
>
> Ie.
>
> cp /config/keystore.jks /config/keystore.jks.backup
>
> keytool -importkeystore -srckeystore my-signed-certificate.jks -srcstorepass srcpasswd -srcalias myalias -destkeystore <domain>/config/keystore.jks -deststorepass gf_admin_pass -destalias myalias
>
> stop-domain
> start-domain
> Hit admin console from a browser and get the following in the logs, if I replace the keystore with the backup and restart Glassfish it starts right up.:
>
>
> [2015-04-30T19:06:38.987+0000] [glassfish 4.1] [SEVERE] [NCLS-CORE-00026] [javax.enterprise.system.core] [tid: _ThreadID=103 _ThreadName=Thread-19] [timeMillis: 1430420798987] [levelValue: 1000] [[
> Exception during lifecycle processing
> MultiException stack 1 of 4
> java.lang.Error: java.security.UnrecoverableKeyException: Cannot recover key
> at com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:160)
> at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:126)
> at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:329)
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:377)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:647)
> at org.jvnet.hk2.internal.ThreeThirtyResolver.resolve(ThreeThirtyResolver.java:77)
> at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:214)
> at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:237)
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:360)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
> at com.sun.enterprise.security.ee.SecuritySniffer.setup(SecuritySniffer.java:115)
> at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:97)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:997)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:702)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:377)
> at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:211)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
> Caused by: java.security.UnrecoverableKeyException: Cannot recover key
> at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
> at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138)
> at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55)
> at java.security.KeyStore.getKey(KeyStore.java:792)
> at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:131)
> at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68)
> at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259)
> at com.sun.enterprise.security.ssl.impl.SecuritySupportImpl.getKeyManagers(SecuritySupportImpl.java:324)
> at com.sun.enterprise.security.ssl.SSLUtils.getKeyManagers(SSLUtils.java:198)
> at com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:148)
> ... 37 more
> MultiException stack 2 of 4
> java.lang.IllegalStateException: Unable to perform operation: post construct on com.sun.enterprise.security.ssl.SSLUtils
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:395)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:647)
> at org.jvnet.hk2.internal.ThreeThirtyResolver.resolve(ThreeThirtyResolver.java:77)
> at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:214)
> at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:237)
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:360)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
> at com.sun.enterprise.security.ee.SecuritySniffer.setup(SecuritySniffer.java:115)
> at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:97)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:997)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:702)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:377)
> at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:211)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
> MultiException stack 3 of 4
> java.lang.IllegalArgumentException: While attempting to resolve the dependencies of com.sun.enterprise.security.SecurityLifecycle errors were found
> at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:249)
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:360)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
> at com.sun.enterprise.security.ee.SecuritySniffer.setup(SecuritySniffer.java:115)
> at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:97)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:997)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:702)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:377)
> at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:211)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
> MultiException stack 4 of 4
> java.lang.IllegalStateException: Unable to perform operation: resolve on com.sun.enterprise.security.SecurityLifecycle
> at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:389)
> at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:461)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:114)
> at org.jvnet.hk2.internal.SingletonContext$1.compute(SingletonContext.java:102)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture$1.call(Cache.java:97)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at org.glassfish.hk2.utilities.cache.Cache$OriginThreadAwareFuture.run(Cache.java:154)
> at org.glassfish.hk2.utilities.cache.Cache.compute(Cache.java:199)
> at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:153)
> at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2258)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:105)
> at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:87)
> at com.sun.enterprise.security.ee.SecuritySniffer.setup(SecuritySniffer.java:115)
> at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:97)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:997)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:702)
> at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:377)
> at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:406)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:211)
> at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:100)
>
>
> Chris
> 

-- 
This message, and any documents attached hereto, may contain confidential 
or proprietary information intended only for the use of the addressee(s) 
named above or may contain information that is legally  privileged. If you 
are not the intended addressee, or the person responsible for delivering it 
to the intended addressee, you are hereby notified that reading, 
disseminating, distributing or copying this message is strictly prohibited. 
If you have received this message by mistake, please immediately notify us 
by replying to the message and delete the original message and any copies 
immediately thereafter.  Thank you for your cooperation.
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.