안녕하세요. jdk에서 유효하지 않은 인증서 문제로 질문 드립니다.
이번엔 서버 arch를 x86_64 에서 aarch64로 변경하게 되었습니다.
하여 jdk도 변경해주었는데요.
오라클 jdk-8u45-linux-x64 에서 jdk-8u301-linux-aarch64 로 변경했습니다.
그런데 aarch64 서버에서 jdk-8u301-linux-aarch64로 자바 어플리케이션을 기동하게 되면 아래와 같은 에러가 발생하고 있습니다.
===========================================================================
2021-10-13 08:50:43,499 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) JBAS014612: Operation ("add") failed - address: ([("core-service" => "vault")]): org.jboss.as.server.services.security.VaultReaderException: org.jboss.security.vault.SecurityVaultException: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/EBS/data1d1/sta/vkey/vault.keystore)
at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:90) [jboss-as-security-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.server.services.security.VaultAddHandler.performRuntime(VaultAddHandler.java:87) [jboss-as-server-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:75) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:710) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractOperationContext.doCompleteStep(AbstractOperationContext.java:545) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractOperationContext.completeStepInternal(AbstractOperationContext.java:338) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:314) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1152) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.ModelControllerImpl.boot(ModelControllerImpl.java:427) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:303) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.server.ServerService.boot(ServerService.java:372) [jboss-as-server-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.server.ServerService.boot(ServerService.java:343) [jboss-as-server-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:265) [jboss-as-controller-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_301]
Caused by: org.jboss.security.vault.SecurityVaultException: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/EBS/data1d1/sta/vkey/vault.keystore)
at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:210) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
at org.jboss.as.security.vault.RuntimeVaultReader.createVault(RuntimeVaultReader.java:88) [jboss-as-security-7.5.20.Final-redhat-1.jar:7.5.20.Final-redhat-1]
... 13 more
Caused by: java.lang.RuntimeException: PBOX000140: Unable to get keystore (/EBS/data1d1/sta/vkey/vault.keystore)
at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:691) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
at org.picketbox.plugins.vault.PicketBoxSecurityVault.init(PicketBoxSecurityVault.java:205) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
... 14 more
Caused by: java.io.IOException: Invalid secret key format
at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:854) [sunjce_provider.jar:1.8.0_301]
at java.security.KeyStore.load(KeyStore.java:1445) [rt.jar:1.8.0_301]
at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:201) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
at org.picketbox.util.KeyStoreUtil.getKeyStore(KeyStoreUtil.java:151) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
at org.picketbox.plugins.vault.PicketBoxSecurityVault.getKeyStore(PicketBoxSecurityVault.java:688) [picketbox-4.1.7.Final-redhat-1.jar:4.1.7.Final-redhat-1]
... 15 more
===========================================================================
DB 접근할때 패스워드를 key-store로 암호화하여 접근하는 부분입니다.
WAS는 jboss 6.4를 사용하고 있습니다.
로그의 마지막 부분을 보면 "Caused by: java.io.IOException: Invalid secret key format" 라고 나오는데
기존에서 X86_64에서 사용하는 key_store를 다시 만들어야 할까요?
비슷한 레포트를 찾아보고 있는데 능력의 한계로 해결을 못하고 있는 상황입니다.
문제를 해결하기 위한 조언 간절히 부탁드립니다. ㅠㅠ
해결 했습니다.
혹시 jboss was 쓰시는 다른분들 위해 레퍼런스 남겨요
http://www.mastertheboss.com/jbossas/jboss-security/solving-java-io-ioexception-invalid-secret-key-format/
댓글 달기