search

bitnami / charts

Bitnami Helm Charts
https://bitnami.com
Other
9.04k stars 9.22k forks source link

Bitnami/EJBCA openshift BouncyCastle issue #30562

Open MRLeflei opened 10 hours ago

MRLeflei commented 10 hours ago

Name and Version

Bitnami/ejbca

What architecture are you using?

amd64

What steps will reproduce the bug?

When deploying the EJBCA container to openshift the default managementCA keystore is corrupted.

I believe this is the cause:

ERROR [org.ejbca.core.ejb.StartupSingletonBean] (ServerService Thread Pool -- 106) BouncyCastle is not loaded by an EJBCA classloader, version conflict is likely: org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateObject:"
[](url)

Are you using any custom parameters or values?

            - name: EJBCA_DATABASE_HOST
              value: "mariadb"
            - name: EJBCA_DATABASE_NAME
              value: "bitnami_ejbca"
            - name: EJBCA_DATABASE_USERNAME
              value: "bn_ejbca"
            - name: EJBCA_DATABASE_PASSWORD
              value: "Bitnami1234"
            - name: TLS_SETUP_ENABLED
              value: "true"

What is the expected behavior?

Keystore is generated for superadmin

What do you see instead?

INFO [org.ejbca.ra.EnrollWithRequestIdBean] (default task-5) Keystore could not be generated for user superadmin

Additional information

This problem causes the ManagementCA to not generate certificates

carrodher commented 5 hours ago

Hi, the issue may not be directly related to the Bitnami container image/Helm chart, but rather to how the application is being utilized, configured in your specific environment, or tied to a particular scenario that is not easy to reproduce on our side.

If you think that's not the case and want to contribute a solution, we'd like to invite you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Please feel free to contact us if you have any questions or need assistance.

Suppose you have any questions about the application, customizing its content, or technology and infrastructure usage. In that case, we highly recommend that you refer to the forums and user guides provided by the project responsible for the application or technology.

With that said, we'll keep this ticket open until the stale bot automatically closes it, in case someone from the community contributes valuable insights.