June 2020 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-13063) Change default values of id-cache-size or confirmation-window-size for cluster connections

by Michal Petrov (Jira)

[ https://issues.redhat.com/browse/WFLY-13063?page=com.atlassian.jira.plugi... ] Michal Petrov commented on WFLY-13063: -------------------------------------- Looking at this more the change that introduced the size check also changed other confirmation windows sizes so this looks like an oversight on their part. I'm going to change the value. > Change default values of id-cache-size or confirmation-window-size for cluster connections > ------------------------------------------------------------------------------------------ > > Key: WFLY-13063 > URL: https://issues.redhat.com/browse/WFLY-13063 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 19.0.0.Beta2 > Reporter: Simon Priadka > Assignee: Justin Bertram > Priority: Major > > When establishing a new messaging cluster, default values of *id-cache-size* and *confirmation-window-size* are producing a *WARN* with following message: > {code} > 2020-02-04 21:35:20,228 WARN [org.apache.activemq.artemis.core.server] (Thread-2 (ActiveMQ-client-global-threads)) AMQ224078: The size of duplicate cache detection (<id_cache-size/>) appears to be too large 20,000. It should be no greater than the number of messages that can be squeezed into confirmation window buffer (<confirmation-window-size/>) 1,048,576. > {code} > According to the [method|https://github.com/apache/activemq-artemis/blob/3743bc9d9f39b0731f...] validating these values, this variable combination is "invalid" -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13063) Change default values of id-cache-size or confirmation-window-size for cluster connections

by Michal Petrov (Jira)

[ https://issues.redhat.com/browse/WFLY-13063?page=com.atlassian.jira.plugi... ] Michal Petrov reassigned WFLY-13063: ------------------------------------ Assignee: Michal Petrov (was: Justin Bertram) > Change default values of id-cache-size or confirmation-window-size for cluster connections > ------------------------------------------------------------------------------------------ > > Key: WFLY-13063 > URL: https://issues.redhat.com/browse/WFLY-13063 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 19.0.0.Beta2 > Reporter: Simon Priadka > Assignee: Michal Petrov > Priority: Major > > When establishing a new messaging cluster, default values of *id-cache-size* and *confirmation-window-size* are producing a *WARN* with following message: > {code} > 2020-02-04 21:35:20,228 WARN [org.apache.activemq.artemis.core.server] (Thread-2 (ActiveMQ-client-global-threads)) AMQ224078: The size of duplicate cache detection (<id_cache-size/>) appears to be too large 20,000. It should be no greater than the number of messages that can be squeezed into confirmation window buffer (<confirmation-window-size/>) 1,048,576. > {code} > According to the [method|https://github.com/apache/activemq-artemis/blob/3743bc9d9f39b0731f...] validating these values, this variable combination is "invalid" -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (JGRP-2482) Check if the largest thread pool is cluster-size + delta

by Bela Ban (Jira)

[ https://issues.redhat.com/browse/JGRP-2482?page=com.atlassian.jira.plugin... ] Bela Ban commented on JGRP-2482: -------------------------------- When running {{UPerf}} with {{<CLEAR_FLAGS internal="true" oob="true"/>}} (which makes *all* messages regular), then the largest thread pool size is ~5. This points to {{OOB}} and/or {{INTERNAL}} messages being the culprit: these are forwarded to the thread pool by {{MaxOneThreadPerSender}}, regardless of sender. Next step: find out what OOB or INTERNAL messages are received (UNICAST3 ACKs?) and see if the high number of these messages is correct. > Check if the largest thread pool is cluster-size + delta > -------------------------------------------------------- > > Key: JGRP-2482 > URL: https://issues.redhat.com/browse/JGRP-2482 > Project: JGroups > Issue Type: Task > Reporter: Bela Ban > Assignee: Bela Ban > Priority: Major > Fix For: 5.0.0.Final > > > When running UPerf in a cluster of 4, we see {{thread_pool_size_largest=39}}. Verify that MaxOneThreadPerSender works as expected: the largest thread pool size should be 4+delta (timer threads, retransmission): ~6. > It looks as if {{MPerf}} behaves (~6 threads), but {{UPerf}} doesn't: ~26 threads -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13558) Upgrade WildFly Core 12.0.1.Final

by Jeff Mesnil (Jira)

[ https://issues.redhat.com/browse/WFLY-13558?page=com.atlassian.jira.plugi... ] Jeff Mesnil updated WFLY-13558: ------------------------------- Description: Tag + Release Notes: https://github.com/wildfly/wildfly-core/releases/tag/12.0.1.Final Diff to previous integrated version: https://github.com/wildfly/wildfly-core/compare/12.0.0.Final...12.0.1.Final was: Tag + Release Notes: https://github.com/wildfly/wildfly-core/releases/tag/12.0.0.Final Diff to previous integrated version: https://github.com/wildfly/wildfly-core/compare/12.0.0.Beta4...12.0.0.Final > Upgrade WildFly Core 12.0.1.Final > --------------------------------- > > Key: WFLY-13558 > URL: https://issues.redhat.com/browse/WFLY-13558 > Project: WildFly > Issue Type: Component Upgrade > Components: Management > Reporter: Jeff Mesnil > Assignee: Jeff Mesnil > Priority: Blocker > Fix For: 20.0.0.Final > > > Tag + Release Notes: https://github.com/wildfly/wildfly-core/releases/tag/12.0.1.Final > Diff to previous integrated version: https://github.com/wildfly/wildfly-core/compare/12.0.0.Final...12.0.1.Final -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13558) Upgrade WildFly Core 12.0.1.Final

by Jeff Mesnil (Jira)

Jeff Mesnil created WFLY-13558: ---------------------------------- Summary: Upgrade WildFly Core 12.0.1.Final Key: WFLY-13558 URL: https://issues.redhat.com/browse/WFLY-13558 Project: WildFly Issue Type: Component Upgrade Components: Management Reporter: Jeff Mesnil Assignee: Jeff Mesnil Fix For: 20.0.0.Final Tag + Release Notes: https://github.com/wildfly/wildfly-core/releases/tag/12.0.0.Final Diff to previous integrated version: https://github.com/wildfly/wildfly-core/compare/12.0.0.Beta4...12.0.0.Final -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5413) Verifier breaks for multi template key BRL actions

by Jozef Marko (Jira)

Jozef Marko created DROOLS-5413: ----------------------------------- Summary: Verifier breaks for multi template key BRL actions Key: DROOLS-5413 URL: https://issues.redhat.com/browse/DROOLS-5413 Project: Drools Issue Type: Bug Components: Guided Decision Table Editor Affects Versions: 7.39.0.Final Reporter: Jozef Marko Assignee: Toni Rikkola Attachments: MySpace_whenandwhere.zip, Screenshot from 2020-06-04 15-12-33.png The Verifier feature throws an error when opening a table that contains specific combination of template keys in BRL action column. It seems as issue of one of columns bound to the template key is Date type. -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1982) TLS with BCJSSE Provider does not work

by Diana Vilkolakova (Jira)

[ https://issues.redhat.com/browse/ELY-1982?page=com.atlassian.jira.plugin.... ] Diana Vilkolakova updated ELY-1982: ----------------------------------- Steps to Reproduce: * drop two bc fips jars into java.home/jre/lib/ext ** bc-fips-1.0.2.jar ** bctls-fips-1.0.10.jar * configure providers in java.security: {code} security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS security.provider.3=sun.security.provider.Sun {code} * create BCFKS keystore in standalone/configuration: keytool -genkeypair -alias appserver -keyalg RSA -keysize 2048 -keypass password -keystore "keystore.bcfks" -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath bc-fips-1.0.1.jar -storetype BCFKS -storepass password -dname "CN=testserver,OU=TESTOU,O=TESTO,L=TESTL,ST=TESTCZ,C=TESTCZ" -validity 730 -v * configure server-ssl-context: {code} /subsystem=elytron/key-store=bcfks_keystore:add(path=keystore.bcfks,relative-to=jboss.server.config.dir,type="BCFKS",credential-reference={clear-text=password}) /subsystem=elytron/key-manager=bcfks_keymanager:add(key-store=bcfks_keystore,credential-reference={clear-text=password},algorithm=SunX509) /subsystem=elytron/server-ssl-context=server-ssl-context:add(key-manager=bcfks_keymanager,need-client-auth=false) {code} was: * drop two bc fips jars into java.home/jre/lib/ext ** bc-fips-1.0.1.jar ** bctls-fips-1.0.5.jar * configure providers in java.security: {code} security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS security.provider.3=sun.security.provider.Sun {code} * create BCFKS keystore in standalone/configuration: keytool -genkeypair -alias appserver -keyalg RSA -keysize 2048 -keypass password -keystore "keystore.bcfks" -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath bc-fips-1.0.1.jar -storetype BCFKS -storepass password -dname "CN=testserver,OU=TESTOU,O=TESTO,L=TESTL,ST=TESTCZ,C=TESTCZ" -validity 730 -v * configure server-ssl-context: {code} /subsystem=elytron/key-store=bcfks_keystore:add(path=keystore.bcfks,relative-to=jboss.server.config.dir,type="BCFKS",credential-reference={clear-text=password}) /subsystem=elytron/key-manager=bcfks_keymanager:add(key-store=bcfks_keystore,credential-reference={clear-text=password},algorithm=SunX509) /subsystem=elytron/server-ssl-context=server-ssl-context:add(key-manager=bcfks_keymanager,need-client-auth=false) {code} > TLS with BCJSSE Provider does not work > -------------------------------------- > > Key: ELY-1982 > URL: https://issues.redhat.com/browse/ELY-1982 > Project: WildFly Elytron > Issue Type: Bug > Components: SSL > Reporter: Diana Vilkolakova > Priority: Major > > Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps above work for EAP 7.2, however they throw the following error in EAP 7.3: > ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("server-ssl-context" => "server-ssl-context") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} > Stacktrace: > ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) > at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) > at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) > at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) > at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) > at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) > at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) > ... 6 more -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1982) TLS with BCJSSE Provider does not work

by Diana Vilkolakova (Jira)

[ https://issues.redhat.com/browse/ELY-1982?page=com.atlassian.jira.plugin.... ] Diana Vilkolakova updated ELY-1982: ----------------------------------- Description: Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps above work for EAP 7.2, however they throw the following error in EAP 7.3: ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ ("subsystem" => "elytron"), ("server-ssl-context" => "server-ssl-context") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} Stacktrace: ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) ... 6 more was: Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps below work for EAP 7.2, however they throw the following error in EAP 7.3: ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ ("subsystem" => "elytron"), ("server-ssl-context" => "server-ssl-context") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} Stacktrace: ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) ... 6 more > TLS with BCJSSE Provider does not work > -------------------------------------- > > Key: ELY-1982 > URL: https://issues.redhat.com/browse/ELY-1982 > Project: WildFly Elytron > Issue Type: Bug > Components: SSL > Reporter: Diana Vilkolakova > Priority: Major > > Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps above work for EAP 7.2, however they throw the following error in EAP 7.3: > ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("server-ssl-context" => "server-ssl-context") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} > Stacktrace: > ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) > at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) > at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) > at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) > at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) > at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) > at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) > ... 6 more -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1982) TLS with BCJSSE Provider does not work

by Diana Vilkolakova (Jira)

[ https://issues.redhat.com/browse/ELY-1982?page=com.atlassian.jira.plugin.... ] Diana Vilkolakova updated ELY-1982: ----------------------------------- Steps to Reproduce: * drop two bc fips jars into java.home/jre/lib/ext ** bc-fips-1.0.1.jar ** bctls-fips-1.0.5.jar * configure providers in java.security: {code} security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS security.provider.3=sun.security.provider.Sun {code} * create BCFKS keystore in standalone/configuration: keytool -genkeypair -alias appserver -keyalg RSA -keysize 2048 -keypass password -keystore "keystore.bcfks" -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath bc-fips-1.0.1.jar -storetype BCFKS -storepass password -dname "CN=testserver,OU=TESTOU,O=TESTO,L=TESTL,ST=TESTCZ,C=TESTCZ" -validity 730 -v * configure server-ssl-context: {code} /subsystem=elytron/key-store=bcfks_keystore:add(path=keystore.bcfks,relative-to=jboss.server.config.dir,type="BCFKS",credential-reference={clear-text=password}) /subsystem=elytron/key-manager=bcfks_keymanager:add(key-store=bcfks_keystore,credential-reference={clear-text=password},algorithm=SunX509) /subsystem=elytron/server-ssl-context=server-ssl-context:add(key-manager=bcfks_keymanager,need-client-auth=false) {code} was: * drop two bc fips jars into java.home/jre/lib/ext ** bc-fips-1.0.1.jar ** bctls-fips-1.0.5.jar * configure providers java.security: {code} security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS security.provider.3=sun.security.provider.Sun {code} * create BCFKS keystore in standalone/configuration: keytool -genkeypair -alias appserver -keyalg RSA -keysize 2048 -keypass password -keystore "keystore.bcfks" -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath bc-fips-1.0.1.jar -storetype BCFKS -storepass password -dname "CN=testserver,OU=TESTOU,O=TESTO,L=TESTL,ST=TESTCZ,C=TESTCZ" -validity 730 -v * configure server-ssl-context: {code} /subsystem=elytron/key-store=bcfks_keystore:add(path=keystore.bcfks,relative-to=jboss.server.config.dir,type="BCFKS",credential-reference={clear-text=password}) /subsystem=elytron/key-manager=bcfks_keymanager:add(key-store=bcfks_keystore,credential-reference={clear-text=password},algorithm=SunX509) /subsystem=elytron/server-ssl-context=server-ssl-context:add(key-manager=bcfks_keymanager,need-client-auth=false) {code} > TLS with BCJSSE Provider does not work > -------------------------------------- > > Key: ELY-1982 > URL: https://issues.redhat.com/browse/ELY-1982 > Project: WildFly Elytron > Issue Type: Bug > Components: SSL > Reporter: Diana Vilkolakova > Priority: Major > > Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps below work for EAP 7.2, however they throw the following error in EAP 7.3: > ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("server-ssl-context" => "server-ssl-context") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} > Stacktrace: > ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) > at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) > at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) > at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) > at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) > at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) > at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) > at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) > ... 6 more -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1982) TLS with BCJSSE Provider does not work

by Diana Vilkolakova (Jira)

Diana Vilkolakova created ELY-1982: -------------------------------------- Summary: TLS with BCJSSE Provider does not work Key: ELY-1982 URL: https://issues.redhat.com/browse/ELY-1982 Project: WildFly Elytron Issue Type: Bug Components: SSL Reporter: Diana Vilkolakova Configuration of `server-ssl-context` does not seem to work with BCJSSE Provider. The steps below work for EAP 7.2, however they throw the following error in EAP 7.3: ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0013: Operation ("add") failed - address: ([ ("subsystem" => "elytron"), ("server-ssl-context" => "server-ssl-context") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.server-ssl-context" => "Failed to start service Caused by: java.lang.IllegalStateException: SSLContext has not been initialized."}} Stacktrace: ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.security.ssl-context.server-ssl-context: org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.server-ssl-context: Failed to start service at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1731) at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.IllegalStateException: SSLContext has not been initialized. at org.bouncycastle.jsse.provider.ProvSSLContextSpi.getContextData(Unknown Source) at org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineGetServerSessionContext(Unknown Source) at javax.net.ssl.SSLContext.getServerSessionContext(SSLContext.java:386) at org.wildfly.security.ssl.SSLContextBuilder.lambda$build$0(SSLContextBuilder.java:340) at org.wildfly.security.OneTimeSecurityFactory.create(OneTimeSecurityFactory.java:53) at org.wildfly.extension.elytron.SSLDefinitions$6.lambda$getValueSupplier$1(SSLDefinitions.java:1173) at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) ... 6 more -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 7 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira June 2020