The command of shutdown or deploy are invaild when using configured encryption and --secure together

Technote (troubleshooting)


Problem(Abstract)

Server cannot shutdown or deploy when using configured encryption and --secure together.

java.security.KeyStoreException: IBMKeyManager: Problem accessing key
store java.io.IOException: Keystore was tampered with, or password was
incorrect
at com.ibm.jsse2.rc.a(rc.java:45)
at com.ibm.jsse2.tc.g(tc.java:17)

Cause

ConfiguredEncryption gbean is not involved when using shutdown or deploy command

Resolving the problem

Add ConfiguredEncryption code to crypto package and involves it in EncryptionManager, so that we can decrypt Configured password when the ConfiguredEncryption gbean is not involved.

Use following steps to install:

1. Shutdown server

2. Backup [ServerInstallationPath]/lib/geronimo-crypto-2.1.8-wasce.jar

3. Add attached to [ServerInstallationPath]/lib

4. Enable ConfiguredEncryption gbean in config.xml like this:
<gbean name="org.apache.geronimo.framework/rmi-naming/2.1.8-wasce/car?j2eeType=GBean,name=ConfiguredEncryption" gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
<attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
<reference name="ServerInfo">
<pattern>
<name>ServerInfo</name>
</pattern>
</reference>
</gbean>
5. Add -Dorg.apache.geronimo.keyStoreTrustStorePasswordFile=[Your password file location] -Dorg.apache.geronimo.security.encryption.keyfile=[ServerInstallationPath]\var\security\ConfiguredSecretKey.ser to JAVA_OPTS and make it available
6. Start server


Rate this page:

(0 users)Average rating

Document information


More support for:

WebSphere Application Server Community Edition
Security

Software version:

2.1, 2.1.1.1, 2.1.1.2, 2.1.1.3, 2.1.1.4, 2.1.1.5, 2.1.1.6

Operating system(s):

Linux, Windows

Software edition:

Enhanced

Reference #:

1589034

Modified date:

2012-12-13

Translate my page

Machine Translation

Content navigation