search

xetus-oss / docker-archiva

A docker image for Apache Archiva
Apache License 2.0
55 stars 34 forks source link

KEYSTORE passcode issue. #9

Closed slackeast closed 6 years ago

slackeast commented 6 years ago

I run this command:

docker run --name archiva -h archiva -d -p 443:8443 -e SSL_ENABLED=true -e KEYSTORE_PASS=“passcode2017#” -v /opt/archiva:/archiva-data xetusoss/archiva

However, I get this error:

Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect INFO | jvm 5 | 2018/03/08 23:58:32 | at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780) INFO | jvm 5 | 2018/03/08 23:58:32 | at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) INFO | jvm 5 | 2018/03/08 23:58:32 | at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) INFO | jvm 5 | 2018/03/08 23:58:32 | at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) INFO | jvm 5 | 2018/03/08 23:58:32 | at java.security.KeyStore.load(KeyStore.java:1445) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:55) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyStore(SslContextFactory.java:1053) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1013) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:264) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:612) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.server.Server.doStart(Server.java:293) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1274) INFO | jvm 5 | 2018/03/08 23:58:32 | at java.security.AccessController.doPrivileged(Native Method) INFO | jvm 5 | 2018/03/08 23:58:32 | at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1197) INFO | jvm 5 | 2018/03/08 23:58:32 | ... 13 more INFO | jvm 5 | 2018/03/08 23:58:32 | Caused by: java.security.UnrecoverableKeyException: Password verification failed INFO | jvm 5 | 2018/03/08 23:58:32 | at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778) INFO | jvm 5 | 2018/03/08 23:58:32 | ... 29 more

When I goto /opt/archiva/ssl/keystore and type this command:

keytool -list -v -keystore keystore -storepass passcode2017#

I then get a list of certificates. So I know the passcode is correct. Not sure the problem. Its almost like its still using the default "changeit" password. Advice?

x-lhan commented 6 years ago

Can you confirm the keystore pass configured under " /opt/archiva/conf/jetty.xml" is expected? If it is not the same password. It maybe cause by a limitation in password pattern. Currently the password does not support double backslash(e.g. "\\"). Please modify jetty.xml to match and give a try after.

slackeast commented 6 years ago

The quotation marks were around the password in the jetty.xml file. I misinterpreted the README example where it shows " marks around the password. That seemed to work and I don't get any messages in the wrapper log. Achiva.log looks good too but I can't connect to page. I will research.

x-lhan commented 6 years ago

Glad to hear.