IBM Support

Unlock keystore action appears to be broken when WebSphere Application Server Community Edition 2.1.1.6 running against JDK 1.7

Troubleshooting


Problem

If you follow the instruction below to unlock a keystore, you will meet an Error like "Unable to format attribute of type java.net.URI; no editor found".

Symptom

To reproduce the issue, please follow the instruction below.

1. Start wasce 2.1.1.6 server.

2. Use keytool command to create a keystore with a key.
For example, run the command below.

keytool -genkeypair -keystore test.jks -alias testkey -keyalg RSA -keysize 2048 -dname "cn=test.apache.org,c=US" -validity 365 -storepass welcome1

3.Copy the keystore to <wasce-home>\var\security\keystores

4.Use deploy encrypt to encrypt the password "welcome1",go the encrypt string:

{Simple}rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4cHB1cgACW0Ks8xf4BghU4AIAAHhwAAAAEKvo5tkjHVqHlsBtDNRytadwdAADQUVT

Add the string into config-substitution.properties like this:

test.jks = {Simple}
rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4cHB1cgACW0Ks8xf4BghU4AIAAHhwAAAAEKvo5tkjHVqHlsBtDNRytadwdAADQUVT
testkey =
{Simple}
rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWx

5. Restart the server.

6. Use deploy unlockKeystore command to unlock test.jks. For example,
java -jar deployer.jar -u system -p manager unlockKeystore test.jks


The result is the unlockKeystore e action seems to success. But you can find an ERROR below in admin console. It will generate an incomplete j2ee-security module in config.xml. When you restart the server, you will fail on it.


2013-03-15 15:03:56,532 WARN [FileKeystoreManager] keystoreType for new keystore "test.jks" set to "jks" based on file extension.
2013-03-15 15:03:56,571 ERROR [LocalAttributeManager] Unable to format attribute of type java.net.URI; no editor found

Resolving The Problem

To fix this issue, please follow this instruction.

1. Download the patch file. UnlockkeystoreFailwithJDK7Patch2.1.1.6.zipUnlockkeystoreFailwithJDK7Patch2.1.1.6.zip

2. Unzip the patch file into the WebSphere Application Server Community Edition installation directory, and ensure the files in the zip file replace the ones in the server installation.

3. Start the server, for example,

<WAS_CE_HOME>\bin\startup

<WAS_CE_HOME>/bin/startup.sh

[{"Product":{"code":"SS6JMN","label":"WebSphere Application Server Community Edition"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"2.1.1.6","Edition":"Entry;Enhanced;Elite","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
15 June 2018

UID

swg21628525

Page Feedback