[jboss-jira] [JBoss JIRA] Resolved: (JBREM-878) Bad Padding Exception with Unified Invoker and SSL

Andrew Oliver (JIRA) jira-events at lists.jboss.org
Tue Dec 18 06:11:43 EST 2007 

     [ http://jira.jboss.com/jira/browse/JBREM-878?page=all ]

Andrew Oliver resolved JBREM-878.
---------------------------------

    Resolution: Rejected
      Assignee: Andrew Oliver

nevermind figured it out, was the KeyPassword vs KeyStorePassword. . .  Just switched to specifying correct KeyStorePassword only and not having KeyPassword and the error went away.  

> Bad Padding Exception with Unified Invoker and SSL
> --------------------------------------------------
>
>                 Key: JBREM-878
>                 URL: http://jira.jboss.com/jira/browse/JBREM-878
>             Project: JBoss Remoting
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: unifiedinvoker
>    Affects Versions: UnifiedInvoker 1.0.1
>            Reporter: Andrew Oliver
>         Assigned To: Andrew Oliver
>
> After following: http://wiki.jboss.org/wiki/Wiki.jsp?page=SSLEJB2.1
> 05:25:05,241 WARN  [ServiceController] Problem starting service jboss.remoting:service=ServerSocketFactory,type=SSL
> java.io.IOException: Error initializing server socket factory SSL context: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded
>         at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275)
>         at java.security.KeyStore.load(KeyStore.java:1150)
>         at org.jboss.remoting.security.SSLSocketBuilder.loadKeyStore(SSLSocketBuilder.java:1548)
>         at org.jboss.remoting.security.SSLSocketBuilder.loadKeyManagers(SSLSocketBuilder.java:1442)
>         at org.jboss.remoting.security.SSLSocketBuilder.initializeServerSocketFactorySSLContext(SSLSocketBuilder.java:1250)
>         at org.jboss.remoting.security.SSLSocketBuilder.createCustomServerSocketFactory(SSLSocketBuilder.java:366)
>         at org.jboss.remoting.security.SSLSocketBuilder.createSSLServerSocketFactory(SSLSocketBuilder.java:346)
>         at org.jboss.remoting.security.SSLSocketBuilder.createSSLServerSocketFactory(SSLSocketBuilder.java:325)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
>         at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
>         at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
>         at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
>         at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
>         at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
>         at $Proxy9.createSSLServerSocketFactory(Unknown Source)
>         at org.jboss.remoting.security.SSLServerSocketFactoryService.start(SSLServerSocketFactoryService.java:61)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
>         at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
>         at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
>         at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
>         at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
>         at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:995)
>         at $Proxy0.start(Unknown Source)
>         at org.jboss.system.ServiceController.start(ServiceController.java:417)
>         at org.jboss.system.ServiceController.start(ServiceController.java:435)
>         at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
>         at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
>         at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
>         at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
>         at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
>         at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
>         at $Proxy4.start(Unknown Source)
>         at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
>         at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
>         at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
>         at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
>         at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:766)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
>         at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
>         at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
>         at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
>         at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
>         at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
>         at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
>         at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
>         at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
>         at $Proxy5.deploy(Unknown Source)
>         at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:482)
>         at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
>         at org.jboss.Main.boot(Main.java:200)
>         at org.jboss.Main$1.run(Main.java:508)
>         at java.lang.Thread.run(Thread.java:595)
>   <!-- This section is for custom (SSL) server socket factory  -->
>    <mbean code="org.jboss.remoting.security.SSLSocketBuilder"
>       name="jboss.remoting:service=SocketBuilder,type=SSL"
>       display-name="SSL Server Socket Factory Builder">
>       <attribute name="UseSSLServerSocketFactory">false</attribute>
>       <attribute name="KeyStoreURL">ourcorp.keystore</attribute>
>       <attribute name="KeyStorePassword">sslsocket</attribute>
>       <attribute name="KeyPassword">ourcorp999</attribute>
>       <attribute name="SecureSocketProtocol">TLS</attribute>
>       <!-- attribute name="KeyManagementAlgorithm">SunX509</attribute -->
>       <attribute name="KeyStoreType">PKCS12</attribute>
>    </mbean>
>  <mbean code="org.jboss.remoting.security.SSLServerSocketFactoryService"
>      name="jboss.remoting:service=ServerSocketFactory,type=SSL"
>      display-name="SSL Server Socket Factory">
>      <depends optional-attribute-name="SSLSocketBuilder"
>         proxy-type="attribute">jboss.remoting:service=SocketBuilder,type=SSL</depends>
>   </mbean>
>   <mbean code="org.jboss.remoting.transport.Connector"
>          name="jboss.remoting:service=Connector,transport=sslsocket">
>          display-name="SSL Socket transport Connector">
>      <attribute name="Configuration">
>         <config>
>             <invoker transport="sslsocket">
>               <attribute name="serverSocketFactory">jboss.remoting:service=ServerSocketFactory,type=SSL</attribute>
>               <attribute name="serverBindAddress">${jboss.bind.address}</attribute>
>               <attribute name="serverBindPort">3843</attribute>
>            </invoker>
>            <handlers>
>               <handler subsystem="invoker">jboss:service=invoker,type=unified</handler>
>            </handlers>
>         </config>
>      </attribute>
>      <!--If you specify the keystore and password in the command line and you're not using the custom ServerSocketFactory, you should take out the following line-->
>      <depends>jboss.remoting:service=ServerSocketFactory,type=SSL</depends>
>      <depends>jboss.remoting:service=NetworkRegistry</depends>
>   </mbean>
> (ourcorp was a find and replace)
> Note that the KeyManagementAlgoyrythm attribute doesn't exist and was commented out.  This very same keystore works with the JRPM/SSL/SecurityDomain setup with JBoss 4.0.2 etc without error.  Multiple different ways were used to reference the keystore file, a bad filename results in a different error.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list