[jboss-jira] [JBoss JIRA] (SECURITY-966) Key manager exported from legacy JSSE security domain does not work Elytron server-ssl-context
Stefan Guilhen (JIRA)
issues at jboss.org
Wed Mar 29 14:28:00 EDT 2017
[ https://issues.jboss.org/browse/SECURITY-966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Guilhen closed SECURITY-966.
-----------------------------------
> Key manager exported from legacy JSSE security domain does not work Elytron server-ssl-context
> ----------------------------------------------------------------------------------------------
>
> Key: SECURITY-966
> URL: https://issues.jboss.org/browse/SECURITY-966
> Project: PicketBox
> Issue Type: Bug
> Components: JBossSX, Security-SPI
> Affects Versions: PicketBox_5_0_0.Beta1
> Reporter: Stefan Guilhen
> Assignee: Stefan Guilhen
> Fix For: PicketBox_5_0_0.Final
>
>
> It is not possible to use a key manager exported from legacy security domain (i.e. elytron-key-manager) in Elytron server-ssl-context. It results in:
> {noformat}
> {
> "outcome" => "failed",
> "failure-description" => {
> "WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.ssc" => "org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.ssc: WFLYELY00019: No 'X509ExtendedKeyManager' found in injected value."},
> "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.ssl-context.ssc"]
> },
> "rolled-back" => true
> }
> {noformat}
> The exported KeyManager doesn't extend the X509ExtendedKeyManager class. A simple change to SecurityKeyManager should make it compatible with the Elytron ssl contexts.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list