qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Keith Wall (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (QPID-5976) File Keystores or truststores created with the incorrect path/password cannot be deleted
Date Fri, 08 Aug 2014 10:17:12 GMT

     [ https://issues.apache.org/jira/browse/QPID-5976?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Keith Wall updated QPID-5976:
-----------------------------

    Description: 
If I create a keystore or truststore using the Web Management UI but mistype the file path
or password, the keystore/truststore object is created anyway.

If I then try delete the keystore/truststore, I receive an error message and the object remains.

{noformat}
Error:RequestError: Unable to load api/latest/keystore?id=f6c298f6-3735-49b7-bf26-d138273d561e
status: 409
{noformat}
The problem is that even on delete, the keystore/trustore tries to validate itself, this validation
fails and prevents the deletion from proceeding.


{noformat}
org.apache.qpid.server.configuration.IllegalConfigurationException: Cannot instantiate key
store at /Users/keith/src/qpid/qpid/java/test-profiles/test_resources/ssl/java_broker_keystore.jks
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:173)
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateChange(FileKeyStoreImpl.java:158)
	at org.apache.qpid.server.model.AbstractConfiguredObject.changeAttributes(AbstractConfiguredObject.java:1295)
	at org.apache.qpid.server.model.AbstractConfiguredObject$11.execute(AbstractConfiguredObject.java:1282)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:149)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:145)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.submit(TaskExecutorImpl.java:131)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:251)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:144)
	at org.apache.qpid.server.model.AbstractConfiguredObject.runTask(AbstractConfiguredObject.java:1259)
	at org.apache.qpid.server.model.AbstractConfiguredObject.setAttributes(AbstractConfiguredObject.java:1276)
	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:814)
	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:799)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.access$400(TaskExecutorImpl.java:43)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper$1.run(TaskExecutorImpl.java:327)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:356)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper.call(TaskExecutorImpl.java:322)
	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:744)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
	at java.security.KeyStore.load(KeyStore.java:1214)
	at org.apache.qpid.transport.network.security.ssl.SSLUtil.getInitializedKeyStore(SSLUtil.java:172)
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:169)
	... 23 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
	... 27 more
{noformat}

  was:
If I create a keystore or truststore using the Web Management UI but mistype the file path
or password, the keystore/truststore object is created anyway.

If I then try delete the keystore/truststore, I receive an error message and the object remains.

{noformat}
Error:RequestError: Unable to load api/latest/keystore?id=f6c298f6-3735-49b7-bf26-d138273d561e
status: 409

The problem is that even on delete, the keystore/trustore tries to validate itself, this validation
fails and prevents the deletion from proceeding.


org.apache.qpid.server.configuration.IllegalConfigurationException: Cannot instantiate key
store at /Users/keith/src/qpid/qpid/java/test-profiles/test_resources/ssl/java_broker_keystore.jks
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:173)
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateChange(FileKeyStoreImpl.java:158)
	at org.apache.qpid.server.model.AbstractConfiguredObject.changeAttributes(AbstractConfiguredObject.java:1295)
	at org.apache.qpid.server.model.AbstractConfiguredObject$11.execute(AbstractConfiguredObject.java:1282)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:149)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:145)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.submit(TaskExecutorImpl.java:131)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:251)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:144)
	at org.apache.qpid.server.model.AbstractConfiguredObject.runTask(AbstractConfiguredObject.java:1259)
	at org.apache.qpid.server.model.AbstractConfiguredObject.setAttributes(AbstractConfiguredObject.java:1276)
	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:814)
	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:799)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.access$400(TaskExecutorImpl.java:43)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper$1.run(TaskExecutorImpl.java:327)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:356)
	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper.call(TaskExecutorImpl.java:322)
	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:744)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
	at java.security.KeyStore.load(KeyStore.java:1214)
	at org.apache.qpid.transport.network.security.ssl.SSLUtil.getInitializedKeyStore(SSLUtil.java:172)
	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:169)
	... 23 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
	... 27 more
{noformat}


> File Keystores or truststores created with the incorrect path/password cannot be deleted
> ----------------------------------------------------------------------------------------
>
>                 Key: QPID-5976
>                 URL: https://issues.apache.org/jira/browse/QPID-5976
>             Project: Qpid
>          Issue Type: Bug
>          Components: Java Broker
>    Affects Versions: 0.29
>            Reporter: Keith Wall
>            Priority: Minor
>
> If I create a keystore or truststore using the Web Management UI but mistype the file
path or password, the keystore/truststore object is created anyway.
> If I then try delete the keystore/truststore, I receive an error message and the object
remains.
> {noformat}
> Error:RequestError: Unable to load api/latest/keystore?id=f6c298f6-3735-49b7-bf26-d138273d561e
status: 409
> {noformat}
> The problem is that even on delete, the keystore/trustore tries to validate itself, this
validation fails and prevents the deletion from proceeding.
> {noformat}
> org.apache.qpid.server.configuration.IllegalConfigurationException: Cannot instantiate
key store at /Users/keith/src/qpid/qpid/java/test-profiles/test_resources/ssl/java_broker_keystore.jks
> 	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:173)
> 	at org.apache.qpid.server.security.FileKeyStoreImpl.validateChange(FileKeyStoreImpl.java:158)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject.changeAttributes(AbstractConfiguredObject.java:1295)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject$11.execute(AbstractConfiguredObject.java:1282)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:149)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$2.execute(TaskExecutorImpl.java:145)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.submit(TaskExecutorImpl.java:131)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:251)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.run(TaskExecutorImpl.java:144)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject.runTask(AbstractConfiguredObject.java:1259)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject.setAttributes(AbstractConfiguredObject.java:1276)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:814)
> 	at org.apache.qpid.server.model.AbstractConfiguredObject$7.execute(AbstractConfiguredObject.java:799)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.executeTask(TaskExecutorImpl.java:299)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl.access$400(TaskExecutorImpl.java:43)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper$1.run(TaskExecutorImpl.java:327)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.Subject.doAs(Subject.java:356)
> 	at org.apache.qpid.server.configuration.updater.TaskExecutorImpl$CallableWrapper.call(TaskExecutorImpl.java:322)
> 	at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> 	at java.lang.Thread.run(Thread.java:744)
> Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
> 	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
> 	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
> 	at java.security.KeyStore.load(KeyStore.java:1214)
> 	at org.apache.qpid.transport.network.security.ssl.SSLUtil.getInitializedKeyStore(SSLUtil.java:172)
> 	at org.apache.qpid.server.security.FileKeyStoreImpl.validateKeyStoreAttributes(FileKeyStoreImpl.java:169)
> 	... 23 more
> Caused by: java.security.UnrecoverableKeyException: Password verification failed
> 	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
> 	... 27 more
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message