Jboss SecurityVaultException - Jdk7u191

从JDK 7 u171切换到JDK 7 u191。在启动Jboss时看到以下错误。

05:05:51,804 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) JBAS014612: Operation ("add") failed - address: ([("core-service" => "vault")]): java.lang.RuntimeException: JBAS015804: Error initializing vault --  org.jboss.as.server.services.security.VaultReaderException: JBAS013313: Vault Reader Exception:
    at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:89) [jboss-as-server-7.4.3.Final-redhat-2-bz-1195283.jar:7.4.3.Final-redhat-3]
    at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:75) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:611) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:489) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.AbstractOperationContext.completeStepInternal(AbstractOperationContext.java:290) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:285) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1132) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:322) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:292) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.server.ServerService.boot(ServerService.java:346) [jboss-as-server-7.4.3.Final-redhat-2-bz-1195283.jar:7.4.3.Final-redhat-3]
    at org.jboss.as.server.ServerService.boot(ServerService.java:321) [jboss-as-server-7.4.3.Final-redhat-2-bz-1195283.jar:7.4.3.Final-redhat-3]
    at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:254) [jboss-as-controller-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_191]
Caused by: org.jboss.as.server.services.security.VaultReaderException: JBAS013313: Vault Reader Exception:
    at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:95) [jboss-as-security-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:87) [jboss-as-server-7.4.3.Final-redhat-2-bz-1195283.jar:7.4.3.Final-redhat-3]
    ... 12 more
Caused by: org.jboss.security.vault.SecurityVaultException: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/instances/abc-test1/configuration/vault/vault.keystore)
    at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:210) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:93) [jboss-as-security-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
    ... 13 more
Caused by: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/instances/abc-test1/configuration/vault/vault.keystore)
    at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:678) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:205) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    ... 14 more
Caused by: java.io.IOException: Invalid secret key format
    at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:861) [sunjce_provider.jar:1.7.0_191]
    at java.security.KeyStore.load(KeyStore.java:1357) [rt.jar:1.7.0_191]
    at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:201) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:151) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:675) [picketbox-4.0.19.SP10-redhat-1.jar:4.0.19.SP10-redhat-1]
    ... 15 more

05:05:51,825 FATAL [org.jboss.as.server] (Controller Boot Thread) JBAS015957: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.

字符串
05：05：51，867信息[org.jboss.as]（MSC服务线程1-2）JBAS 015950：JBoss EAP 6.3.3.GA（AS 7.4.3.Final-redhat-2）在11毫秒内停止
JBoss EAP 6.3.3.GA（AS 7.4.3.Final-redhat-2）
java版本“1.7.0_191”Java（TM）SE虚拟机环境（build 1.7.0_191-b 08）Java HotSpot（TM）64位服务器虚拟机（build 24.191-b 08，混合模式）

如果你使用的是3DES算法，可能与JDK 1.7.0u181中的这个变化有关：
security-libs/javax.net.ssl禁用3DES密码套件
为了提高SSL/TLS连接的强度，在JDK中通过jdk.tls.disabledAlgorithms Security属性在SSL/TLS连接中禁用了3DES密码套件。
JDK-8175075（非公开）
您可以尝试Oracle中的指令重新启用3DES密码：

在JDK 8和更早版本上，编辑/lib/security/java.security文件并从jdk.tls.legacyAlgorithms安全属性中删除3DES_EDE_CBC。
在JDK 9上，编辑/conf/security/java.security文件并从jdk.tls.legacyAlgorithms安全属性中删除3DES_EDE_CBC。

例如，如果当前值为：

jdk.tls.legacyAlgorithms= \
    K_NULL, C_NULL, M_NULL, \
    DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
    DH_RSA_EXPORT, RSA_EXPORT, \
    DH_anon, ECDH_anon, \
    RC4_128, RC4_40, DES_CBC, DES40_CBC, \
    3DES_EDE_CBC

字符串
删除3DES_EDE_CBC后的新值为：

jdk.tls.legacyAlgorithms= \
    K_NULL, C_NULL, M_NULL, \
    DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
    DH_RSA_EXPORT, RSA_EXPORT, \
    DH_anon, ECDH_anon, \
    RC4_128, RC4_40, DES_CBC, DES40_CBC

型

Jboss SecurityVaultException - Jdk7u191

1条答案

相关问题

热门标签

最新问答