4:17 a.m.
Hi,
Today we tried to upgrade our standalone 3.3 install to 3.4, following
the docs:
- copied 3.3 /standalone/ over the 3.4 install, replacing all
- copied mysql connector in modules/system/layers/keycloak/org
But then, the standalone upgrade script doesn't work:
root@server:/opt/keycloak-3.4.0.Final# bin/jboss-cli.sh
--file=bin/migrate-standalone.cli
Cannot start embedded server: WFLYEMB0021: Cannot start embedded process: Operation
failed: WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See
previous messages for details.
root@server:/opt/keycloak-3.4.0.Final#
When starting the 3.4 server without having run the upgrade script, we
see what the actual problem appears to be:
OPVDX001: Validation error in standalone.xml
-----------------------------------
|
| 470: </spi>
| 471: </subsystem>
| 472: <subsystem xmlns="urn:wildfly:elytron:1.2"
final-providers="combined-providers"
disallowed-providers="OracleUcrypto">
| ^^^^ Unexpected element '{urn:wildfly:elytron:1.2}subsystem'
|
| 473: <providers>
| 474: <aggregate-providers name="combined-providers">
| 475: <providers name="elytron"/>
|
| The primary underlying error message was:
| > ParseError at [row,col]:[472,9]
| > Message: Unexpected element '{urn:wildfly:elytron:1.2}subsystem'
|
|-------------------------------------------------------------------------------
The same standalone.xml still works in the keycloak 3.3, so it basically
seems to be ok, or not corrupt at least. This install has been upgraded
from:
3.0 -> 3.1 -> 3.3 (we skipped 3.2)
It seems that our config has to be migrated using the script, but the
upgrade-standalone.cli script will not run...
What to do?
MJ
2:26 a.m.
That seems like it could be an issue caused by the fact that KC 3.3 was
based on WildFly 11 Beta. You'll probably have to manually update the
standalone file (or grab the one from 3.2 release if you still have that).
On 14 November 2017 at 11:17, lists <lists(a)merit.unu.edu> wrote:
Hi,
Today we tried to upgrade our standalone 3.3 install to 3.4, following
the docs:
- copied 3.3 /standalone/ over the 3.4 install, replacing all
- copied mysql connector in modules/system/layers/keycloak/org
But then, the standalone upgrade script doesn't work:
> root@server:/opt/keycloak-3.4.0.Final# bin/jboss-cli.sh
--file=bin/migrate-standalone.cli
> Cannot start embedded server: WFLYEMB0021: Cannot start embedded
process: Operation failed: WFLYSRV0056: Server boot has failed in an
unrecoverable manner; exiting. See previous messages for details.
> root@server:/opt/keycloak-3.4.0.Final#
When starting the 3.4 server without having run the upgrade script, we
see what the actual problem appears to be:
> OPVDX001: Validation error in standalone.xml
-----------------------------------
> |
> | 470: </spi>
> | 471: </subsystem>
> | 472: <subsystem xmlns="urn:wildfly:elytron:1.2"
final-providers="combined-providers"
disallowed-providers="OracleUcrypto">
> | ^^^^ Unexpected element '{urn:wildfly:elytron:1.2}subsystem'
> |
> | 473: <providers>
> | 474: <aggregate-providers name="combined-providers">
> | 475: <providers name="elytron"/>
> |
> | The primary underlying error message was:
> | > ParseError at [row,col]:[472,9]
> | > Message: Unexpected element '{urn:wildfly:elytron:1.2}subsystem'
> |
> |-----------------------------------------------------------
--------------------
The same standalone.xml still works in the keycloak 3.3, so it basically
seems to be ok, or not corrupt at least. This install has been upgraded
from:
3.0 -> 3.1 -> 3.3 (we skipped 3.2)
It seems that our config has to be migrated using the script, but the
upgrade-standalone.cli script will not run...
What to do?
MJ
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
7:38 a.m.
Hi Stian, list,
So, manually editing standalone.xml got me further, but not yet 100%
succes. :-)
I edited standalone.xml by hand, and have things working on port 8080.
But we have been using keycloak 2.x / 3.x through apache2 reverse https
proxy, requiring the following config in standalone.xml:
<http-listener name="default"
socket-binding="http" redirect-socket="proxy-https"
proxy-address-forwarding="true" enable-http2="true"/>
However, keycloak 3.4 complains with this config:
14:34:18,158 ERROR [org.jboss.as.controller] (Controller Boot Thread)
WFLYCTL0362: Capabilities required by resource
'/subsystem=undertow/server=default-server/http-listener=default' are not
available:
org.wildfly.network.socket-binding.proxy-https; Possible registration points for this
capability:
/socket-binding-group=*/socket-binding=*
14:34:18,161 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server
boot has failed in an unrecoverable manner; exiting. See previous messages for details.
14:34:18,189 INFO [org.jboss.as] (MSC service thread 1-3) WFLYSRV0050: Keycloak
3.4.0.Final (WildFly Core 3.0.1.Final) stopped in 6ms
Some advise would be appreciated, as we are not that experienced in
wildfly / java, etc.
Or is there perhaps another (new?) way to have keycloak running on https
with an lets encrypt ssl certificate?
Using the apache2 reverse proxy way has served us very well, the last years.
Thanks!
MJ
On 11/15/2017 09:26 AM, Stian Thorgersen wrote:
That seems like it could be an issue caused by the fact that KC 3.3
was
based on WildFly 11 Beta. You'll probably have to manually update the
standalone file (or grab the one from 3.2 release if you still have that).
On 14 November 2017 at 11:17, lists <lists(a)merit.unu.edu
<mailto:lists@merit.unu.edu>> wrote:
Hi,
Today we tried to upgrade our standalone 3.3 install to 3.4, following
the docs:
- copied 3.3 /standalone/ over the 3.4 install, replacing all
- copied mysql connector in modules/system/layers/keycloak/org
But then, the standalone upgrade script doesn't work:
> root@server:/opt/keycloak-3.4.0.Final# bin/jboss-cli.sh
--file=bin/migrate-standalone.cli
> Cannot start embedded server: WFLYEMB0021: Cannot start embedded
process: Operation failed: WFLYSRV0056: Server boot has failed in an
unrecoverable manner; exiting. See previous messages for details.
> root@server:/opt/keycloak-3.4.0.Final#
When starting the 3.4 server without having run the upgrade script, we
see what the actual problem appears to be:
> OPVDX001: Validation error in standalone.xml
-----------------------------------
> |
> | 470: </spi>
> | 471: </subsystem>
> | 472: <subsystem xmlns="urn:wildfly:elytron:1.2"
final-providers="combined-providers"
disallowed-providers="OracleUcrypto">
> | ^^^^ Unexpected element '{urn:wildfly:elytron:1.2}subsystem'
> |
> | 473: <providers>
> | 474: <aggregate-providers
name="combined-providers">
> | 475: <providers name="elytron"/>
> |
> | The primary underlying error message was:
> | > ParseError at [row,col]:[472,9]
> | > Message: Unexpected element
'{urn:wildfly:elytron:1.2}subsystem'
> |
>
|-------------------------------------------------------------------------------
The same standalone.xml still works in the keycloak 3.3, so it basically
seems to be ok, or not corrupt at least. This install has been upgraded
from:
3.0 -> 3.1 -> 3.3 (we skipped 3.2)
It seems that our config has to be migrated using the script, but the
upgrade-standalone.cli script will not run...
What to do?
MJ
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
2611
days inactive
2614
days old
2 comments
3 participants
participants (3)
-
lists -
mj
-
Stian Thorgersen