[keycloak-user] Keycloak will run server-jre only

Bruno Oliveira bruno at abstractj.org
Fri Mar 23 06:05:01 EDT 2018 

I believe that for Oracle JRE you have to install JCE[1].

[1] - http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

On 2018-03-23, Subodh Joshi wrote:
> Hi Team,
> 
> Is their any restriction that keycloak will work with server-jre only and
> not with client-jre ?
> In my linux machine we have following version installed
> 
>  /usr/sbin/alternatives --config java
> 
> There are 2 programs which provide 'java'.
> 
>   Selection    Command
> -----------------------------------------------
> *  1           java-1.8.0-openjdk.x86_64
> (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.141-2.b16.el7_4.x86_64/jre/bin/java)
>  + 2           /usr/java/jre1.8.0_102/bin/java
> 
> Then its working fine with openjdk but keycloak not coming up with Oracle
> client-jre and giving this exception
> 
> 2018-03-22 12:30:56,163 ERROR
> [org.jboss.as.controller.management-operation] (ServerService Thread
> Pool -- 26) WFLYCTL0013: Operation ("add") failed - address: ([
>     ("subsystem" => "datasources"),
>     ("data-source" => "KeycloakDS")
> ]): org.jboss.as.server.services.security.VaultReaderException:
> WFLYSRV0227: Security exception accessing the vault
>         at org.jboss.as.server.services.security.RuntimeVaultReader.retrieveFromVault(RuntimeVaultReader.java:124)
>         at org.jboss.as.server.RuntimeExpressionResolver.resolvePluggableExpression(RuntimeExpressionResolver.java:65)
>         at org.jboss.as.controller.ExpressionResolverImpl.resolveExpressionString(ExpressionResolverImpl.java:341)
>         at org.jboss.as.controller.ExpressionResolverImpl.parseAndResolve(ExpressionResolverImpl.java:246)
>         at org.jboss.as.controller.ExpressionResolverImpl.resolveExpressionStringRecursively(ExpressionResolverImpl.java:143)
>         at org.jboss.as.controller.ExpressionResolverImpl.resolveExpressionsRecursively(ExpressionResolverImpl.java:84)
>         at org.jboss.as.controller.ExpressionResolverImpl.resolveExpressions(ExpressionResolverImpl.java:66)
>         at org.jboss.as.controller.ModelControllerImpl.resolveExpressions(ModelControllerImpl.java:868)
>         at org.jboss.as.controller.OperationContextImpl.resolveExpressions(OperationContextImpl.java:1269)
>         at org.jboss.as.controller.ParallelBootOperationContext.resolveExpressions(ParallelBootOperationContext.java:438)
>         at org.jboss.as.controller.AttributeDefinition$1.resolveExpressions(AttributeDefinition.java:619)
>         at org.jboss.as.controller.AttributeDefinition.resolveValue(AttributeDefinition.java:683)
>         at org.jboss.as.controller.AttributeDefinition.resolveModelAttribute(AttributeDefinition.java:642)
>         at org.jboss.as.controller.AttributeDefinition.resolveModelAttribute(AttributeDefinition.java:616)
>         at org.jboss.as.connector.util.ModelNodeUtil.getResolvedStringIfSetOrGetDefault(ModelNodeUtil.java:35)
>         at org.jboss.as.connector.subsystems.datasources.DataSourceModelNodeUtil.from(DataSourceModelNodeUtil.java:178)
>         at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceAdd.secondRuntimeStep(AbstractDataSourceAdd.java:348)
>         at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceAdd$1.execute(AbstractDataSourceAdd.java:133)
>         at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:980)
>         at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:726)
>         at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:450)
>         at org.jboss.as.controller.ParallelBootOperationStepHandler$ParallelBootTask.run(ParallelBootOperationStepHandler.java:386)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
>         at java.lang.Thread.run(Unknown Source)
>         at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> Caused by: org.jboss.security.vault.SecurityVaultException:
> java.security.InvalidKeyException: Illegal key size or default
> parameters
>         at org.picketbox.plugins.vault.PicketBoxSecurityVault.retrieve(PicketBoxSecurityVault.java:297)
>         at org.jboss.as.server.services.security.RuntimeVaultReader.getValue(RuntimeVaultReader.java:157)
>         at org.jboss.as.server.services.security.RuntimeVaultReader.retrieveFromVault(RuntimeVaultReader.java:110)
>         ... 25 more
> Caused by: java.security.InvalidKeyException: Illegal key size or
> default parameters
>         at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
>         at javax.crypto.Cipher.implInit(Cipher.java:801)
> 
> 
> But same setup working with *open-jdk *without any issue after that i
> updated the Oracle Java and used *server-jre *
> 
> [root at ha1 ~]#  /usr/sbin/alternatives --config java
> 
> There are 2 programs which provide 'java'.
> 
>   Selection    Command
> -----------------------------------------------
> *  1           java-1.8.0-openjdk.x86_64
> (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.141-2.b16.el7_4.x86_64/jre/bin/java)
>  + 2           /usr/java/jre1.8.0_102/bin/java
> 
> This time it worked totally fine and keycloak running without any issue .
> -- 
> Subodh Chandra Joshi
>   <subodh1_joshi82 at yahoo.co.in>
> http://www.questioninmind.com
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 

abstractj

More information about the keycloak-user mailing list