Jan Stourac updated WFLY-13756:
-------------------------------
Description:
It is possible to create a {{credential-reference}} to the credential store with just the
name of the credential store in question - without specifying {{alias}} (or {{clear-text}} in
the case of automatic addition of a new record into the credential store, see doc
[16.4.2. Automatic Updates of Credential Stores|https://docs.wildfly.org/20/WildFly_Elytron_Security.html#referenc...]).
The actual configuration error is revealed when the server is reloaded, with the following
error message in the server log (note that I can see this error in the case of the 'key-store'
example but not in the case of the 'imap' example - see Reproduction steps for this
issue):
{code}
22:03:26,791 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread)
WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("key-store" => "exampleKS")
]) - failure description: {"WFLYCTL0080: Failed services" =>
{"org.wildfly.security.key-store.exampleKS" => "WFLYELY00004: Unable to
start the service.
Caused by: java.io.IOException: WFLYELY00910: Password cannot be resolved for
key-store
'/tmp/cred/wildfly-20.0.1.Final/standalone/configuration/example.keystore'"}}
{code}
This misconfiguration is not possible in {{WildFly 19.1.0.Final}} as you are
requested to specify the {{alias}} attribute too.
I suspect that the change in behavior has been introduced thanks to this new feature
https://issues.redhat.com/browse/WFLY-12218 (see the doc referenced above).
The correct behavior is to require the credential store name and:
# 'alias'
# or 'alias' and 'clear-text'
# or 'clear-text' (alias will be generated automatically in this case)
as described in the referenced documentation.
was:
It is possible to create a {{credential-reference}} to the credential store with just the
name of the credential store in question - without specifying {{alias}} (or {{clear-text}} in
the case of automatic addition of a new record into the credential store, see doc
[16.4.2. Automatic Updates of Credential Stores|https://docs.wildfly.org/20/WildFly_Elytron_Security.html#referenc...]).
The actual configuration error is revealed when the server is reloaded, with the following
error message in the server log:
{code}
22:03:26,791 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread)
WFLYCTL0013: Operation ("add") failed - address: ([
("subsystem" => "elytron"),
("key-store" => "exampleKS")
]) - failure description: {"WFLYCTL0080: Failed services" =>
{"org.wildfly.security.key-store.exampleKS" => "WFLYELY00004: Unable to
start the service.
Caused by: java.io.IOException: WFLYELY00910: Password cannot be resolved for
key-store
'/tmp/cred/wildfly-20.0.1.Final/standalone/configuration/example.keystore'"}}
{code}
This misconfiguration is not possible in {{WildFly 19.1.0.Final}} as you are
requested to specify the {{alias}} attribute too.
I suspect that the change in behavior has been introduced thanks to this new feature
https://issues.redhat.com/browse/WFLY-12218 (see the doc referenced above).
The correct behavior is to require the credential store name and:
# 'alias'
# or 'alias' and 'clear-text'
# or 'clear-text' (alias will be generated automatically in this case)
as described in the referenced documentation.
User is able to specify credential-reference with only store name
-----------------------------------------------------------------
Key: WFLY-13756
URL: https://issues.redhat.com/browse/WFLY-13756
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 20.0.0.Final, 20.0.1.Final
Reporter: Jan Stourac
Assignee: Darran Lofthouse
Priority: Major
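Added example, not part of the original report and not WildFly's own code: a check that can be run before a reload to find {{credential-reference}} elements that name a store but give neither alias nor clear-text, the case this issue describes. The sample XML, its namespace and the names exampleCS and ks-password are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed Elytron-style fragment; namespace, store and alias names are made up.
SAMPLE_CONFIG = """\
<subsystem xmlns="urn:example:elytron">
  <tls>
    <key-stores>
      <key-store name="exampleKS">
        <credential-reference store="exampleCS"/>
        <file path="example.keystore" relative-to="jboss.server.config.dir"/>
      </key-store>
      <key-store name="aliasKS">
        <credential-reference store="exampleCS" alias="ks-password"/>
      </key-store>
      <key-store name="autoAliasKS">
        <credential-reference store="exampleCS" clear-text="changeit"/>
      </key-store>
    </key-stores>
  </tls>
</subsystem>
"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def find_incomplete_references(xml_text):
    """Return (parent element, parent name, store) for every credential-reference
    that names a store but has neither 'alias' nor 'clear-text'."""
    findings = []
    root = ET.fromstring(xml_text)
    for parent in root.iter():
        for child in parent:
            if local(child.tag) != "credential-reference":
                continue
            store = child.get("store")
            # Rule from the report: store plus alias, alias and clear-text, or clear-text.
            if store and not (child.get("alias") or child.get("clear-text")):
                findings.append((local(parent.tag), parent.get("name"), store))
    return findings


if __name__ == "__main__":
    for element, name, store in find_incomplete_references(SAMPLE_CONFIG):
        print(f"{element} '{name}': credential-reference to store '{store}' "
              "has no alias or clear-text")
```

Matching on the local tag name keeps the check independent of the subsystem schema version in the file being scanned.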