geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Bohn <joe.b...@earthlink.net>
Subject Re: 1.1 keystore portlet bugs & patches
Date Wed, 26 Jul 2006 19:43:21 GMT

I think I understand your goals here Vamsi.  However, I'm not sure that 
the portlet (as it currently stands) is a net positive or negative for 
Geronimo, even with your changes.  It's not a matter of "stress" tests. 
    It looks like basic function tests (unit tests) aren't working with 
this portlet.  I don't fully understand the function of this portlet and 
perhaps that is clouding my judgment.

Here's a list of the problems that I'm seeing (not necessarily complete):
1)  You can hose the jetty server with one simple mouse click on the 
available lock icon.  Even if we provided a warning prior to taking any 
action, it is still not a safe situation.  There was a comment on the 
dev list just before 1.1 went out that this could be fixed by setting 
load="false" on the SSLConnector and making the keystore available after 
server restart ... then restarting with the SSLConnector loaded again. 
However, even after doing this the next restart of the server still 
fails with the same error even though the console shows the keystore as 
available.  I think this is a critical problem (see earlier post for one 
proposal on how to fix this by requiring the password).

2) Serialization failures terminating tomcat after attempting to lock a 
keystore so that it is unavailable.

2) The first panel indicates that the initial state of the keystores is 
locked and unavailable.  However, it appears this is in error as the 
default keystore is locked to edit but available.  This might just be 
semantics but it sounds like the capability doesn't match the description.

3) Unlocking for edit state or making the keystore available after it's 
been locked seems to always result in serialization errors.

4) The keystore itself is not selectable when edit is "locked". I assume 
this is by design.  If you attempt to unlock the keystore for edit and 
provide no password (or a bogus password), then in addition to the 
exception being tossed for the bad password I would expect the keystore 
to remain locked. However, the edit icon will show unlocked and you can 
get to the edit fields of the keystore.

These problems don't have anything to do with the patch ... but I think 
they are higher priority than the items that the patch does address.

Again, many of these "problems" may be my mis-understanding.  However, 
I'm pretty sure that our users are not going to understand this any 
better than I did and potentially get themselves into trouble (esp. with 
Jetty).

Vamsi,
On your patch I don't see a lot changes from the initial behavior.  Can 
you explain how I can get to re-introduced function that had been 
missing (preferably with a comment to GERONIMO-2218)?

I'm also confused because I see things that I think are the functions 
you list as missing even before I apply the patch.  For example, the 
JIRAs indicated that you could not import a CA reply.  But isn't this 
just the ability to import the certificate itself?  One difference 
between the behavior with your patch versus the front-door code is how 
the certificate is specified for import.  The front-door code imports by 
selecting a certificate file (both jetty and tomcat) but with the patch 
it is an input field that wants the certificate content. Can you help me 
understand how it is better to cut and paste the content of the file 
rather than just select the file or am I not comparing these correctly?

Your patch also mentioned adding the capability to generate a 
certificate.  Perhaps this is the reason for the input text field rather 
than the file so that you can enter it free-form.  However, it seems we 
would still want to support the file import.  Also, I don't see where we 
would generate a certificate request with or without the patch.

Joe




Vamsavardhana Reddy wrote:
> Hi Joe,
> 
> I have not subject the new Keystore portlet to "stress test" (rather, 
> the server under stress due to the keystore portlet).  My first priority 
> was to get atleast the minimal functionality in place so that the 
> keystore portlet is useful in a "production environment".  In my 
> opinion, the idea of having the keystore portlet is to eliminate need 
> for tools like "keytool" and "ikeyman".  More functions are needed in 
> the portlet to get it on par with the tools mentioned above.  Once the 
> basic functionality is in place, I will look at scenarios where the 
> server is failing due to some side effects from the keystore portlet and 
> provide fixes.
> 
> Regards,
> Vamsi
> On 7/26/06, *Joe Bohn* <joe.bohn@earthlink.net 
> <mailto:joe.bohn@earthlink.net>> wrote:
> 
> 
>     I was looking to see what else we need to get fixed in 1.1.1 and noticed
>     that there are several issues (in both 1.1 and 1.1.1) around the
>     keystore portlet.   I know nothing about the keystore portlet and
>     thought I'd check here (esp. with Aaron) before I started looking into
>     the patches that Vamsi has provided.   It appears that this is a real
>     problem spot (esp. given my initial experiment ... see below), so I'm
>     hoping that the patch from Vamsi works wonders :-) .
> 
>     It seems like there are a number of issues (1196, 1531, 1984, and 2218)
>     which have all been grouped with one fix under 2218.  Some of these
>     sound like enhancements to me but since they appear to be addressing
>     function that was previously available in 1.0 but dropped from the
>     updated keystore portlet I assume they could be considered bug fixes.
>     Comments?
> 
>     While just trying to get familiar with the keystore portlet as it
>     currently stands (w/o the 2218 patch) I managed to get serialization
>     errors that then reappeared each time I attempted to stop the server
>     (even with no additional changes).  I also managed to get the jetty
>     server into a state where it could not start with just two clicks of the
>     mouse from the portlet (one on the "unlocked" icon under "Available"
>     for
>     the geronimo-default keystore and then a second click on then "locked"
>     icon attempting to undo what I did with the first click).   The result
>     was the following set of stack traces on server restart (kinda funny
>     how
>     it wants me to unlock the keystore using the console when the server
>     itself won't even start).
> 
>     Joe
> 
>     Booting Geronimo Kernel (in Java 1.4.2_08)...
>     Starting Geronimo Application Server v1.1.1-SNAPSHOT
>     [*********>            ] 43%   8s Starting
>     geronimo/jetty/1.1.1-SNA...10:27:12,640 WARN  [SslListener] EXCEPTION
>     org.apache.geronimo.management.geronimo.KeystoreIsLocked: Keystore
>     'geronimo-default' is locked; please use the keystore page in the admin
>     console to unlock it
>              at
>     org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory(FileKeystoreManager.java:300)
>              at
>     org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCGLIB$$4d9d2a71.invoke
>     (<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke
>     (GBeanOperation.java:122)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB$$be50f1ec.createSSLServerFactory(<generated>)
>              at
>     org.apache.geronimo.jetty.connector.GeronimoSSLListener.createFactory(GeronimoSSLListener.java
>     :41)
>              at
>     org.mortbay.http.SslListener.newServerSocket(SslListener.java:283)
>              at
>     org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
>              at
>     org.apache.geronimo.jetty.connector.JettyConnector.doStart
>     (JettyConnector.java:233)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:981)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java
>     :267)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:526)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:111)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:146)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency$1.running
>     (GBeanDependency.java:120)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:173)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300
>     (BasicLifecycleMonitor.java:41)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:251)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart
>     (GBeanInstanceState.java:292)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java
>     :526)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:111)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:146)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:120)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:173)
> 
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:41)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent
>     (BasicLifecycleMonitor.java:251)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:292)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start
>     (GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:124)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive
>     (GBeanInstance.java:540)
>              at
>     org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:379)
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans
>     (ConfigurationUtil.java:374)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:512)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke
>     (<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke
>     (GBeanOperation.java:122)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration(<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main(Daemon.java:377)
>     10:27:12,750 ERROR [GBeanInstanceState] Error while starting; GBean is
>     now in the FAILED state:
>     abstractName="geronimo/jetty/1.1.1-SNAPSHOT/car?ServiceModule=ge
>     ronimo/jetty/1.1.1-SNAPSHOT/car,j2eeType=GBean,name=JettySSLConnector"
>     java.io.IOException: Could not create JsseListener:
>     org.apache.geronimo.management.geronimo.KeystoreIsLocked: Keystore
>     'geronimo-default' is locked; please use
>     the keystore page in the admin console to unlock it
>              at
>     org.mortbay.http.SslListener.newServerSocket (SslListener.java:314)
>              at
>     org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
>              at
>     org.apache.geronimo.jetty.connector.JettyConnector.doStart(JettyConnector.java:233)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance
>     (GBeanInstance.java:981)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:267)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java
>     :102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:526)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:111)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:146)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:120)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent
>     (BasicLifecycleMonitor.java:173)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:41)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent
>     (BasicLifecycleMonitor.java:251)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:292)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start
>     (GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:526)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java
>     :111)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:146)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:120)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:173)
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:41)
> 
>              at
>     org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:251)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart
>     (GBeanInstanceState.java:292)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive
>     (GBeanInstanceState.java:124)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:540)
>              at
>     org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java
>     :379)
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:374)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java
>     :187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:512)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke (FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:122)
> 
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke
>     (RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration
>     (<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main
>     (Daemon.java:377)
>     10:27:12,796 WARN  [SslListener] EXCEPTION
>     org.apache.geronimo.management.geronimo.KeystoreIsLocked: Keystore
>     'geronimo-default' is locked; please use the keystore page in the admin
>     console to unlock it
>              at
>     org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory(FileKeystoreManager.java:300)
>              at
>     org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCGLIB$$4d9d2a71.invoke
>     (<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke
>     (GBeanOperation.java:122)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB$$be50f1ec.createSSLServerFactory(<generated>)
>              at
>     org.apache.geronimo.jetty.connector.GeronimoSSLListener.createFactory(GeronimoSSLListener.java
>     :41)
>              at
>     org.mortbay.http.SslListener.newServerSocket(SslListener.java:283)
>              at
>     org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
>              at
>     org.apache.geronimo.jetty.connector.JettyConnector.doStart
>     (JettyConnector.java:233)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:981)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java
>     :267)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java
>     :124)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:540)
>              at
>     org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:379)
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:374)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java
>     :187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:512)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke (FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:122)
> 
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke
>     (RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration
>     (<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main
>     (Daemon.java:377)
>     10:27:12,906 ERROR [GBeanInstanceState] Error while starting; GBean is
>     now in the FAILED state:
>     abstractName="geronimo/jetty/1.1.1-SNAPSHOT/car?ServiceModule=ge
>     ronimo/jetty/1.1.1-SNAPSHOT/car,j2eeType=GBean,name=JettySSLConnector"
>     java.io.IOException: Could not create JsseListener:
>     org.apache.geronimo.management.geronimo.KeystoreIsLocked: Keystore
>     'geronimo-default' is locked; please use
>     the keystore page in the admin console to unlock it
>              at
>     org.mortbay.http.SslListener.newServerSocket(SslListener.java:314)
>              at
>     org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
>              at
>     org.apache.geronimo.jetty.connector.JettyConnector.doStart
>     (JettyConnector.java:233)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:981)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java
>     :267)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java
>     :124)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:540)
>              at
>     org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:379)
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:374)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java
>     :187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:512)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke (FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:122)
> 
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke
>     (RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration
>     (<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main
>     (Daemon.java:377)
>     [*********>            ] 43%   9s Startup failed
>     org.apache.geronimo.kernel.config.LifecycleException: start of
>     geronimo/jetty/1.1.1-SNAPSHOT/car failed
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:529)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke
>     (<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke
>     (GBeanOperation.java:122)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration(<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main(Daemon.java:377)
>     Caused by: org.apache.geronimo.kernel.config.InvalidConfigException:
>     Unknown start exception
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:440)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java
>     :187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:512)
>              ... 13 more
>     Caused by: org.apache.geronimo.gbean.InvalidConfigurationException :
>     Configuration geronimo/jetty/1.1.1-SNAPSHOT/car failed to start due to
>     the following reasons
>     :
>        The service
>     ServiceModule=geronimo/jetty/1.1.1-SNAPSHOT/car,j2eeType=GBean,name=JettySSLConnector
>     did not start because the doStart method threw an exception.
> 
>     java.io.IOException: Could not create JsseListener:
>     org.apache.geronimo.management.geronimo.KeystoreIsLocked: Keystore
>     'geronimo-default' is locked; please use
>     the keystore page in the admin console to unlock it
>              at
>     org.mortbay.http.SslListener.newServerSocket(SslListener.java:314)
>              at
>     org.mortbay.util.ThreadedServer.open(ThreadedServer.java:477)
>              at
>     org.apache.geronimo.jetty.connector.JettyConnector.doStart
>     (JettyConnector.java:233)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:981)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java
>     :267)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java
>     :124)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:540)
>              at
>     org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:379)
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:374)
>              at
>     org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java
>     :187)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:512)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
>     (SimpleConfigurationManager.java:493)
>              at
>     org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>              at net.sf.cglib.reflect.FastMethod.invoke (FastMethod.java:53)
>              at
>     org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>              at
>     org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:122)
> 
>              at
>     org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:817)
>              at
>     org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>              at
>     org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke
>     (RawOperationInvoker.java:35)
>              at
>     org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>              at
>     org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$cd144e8e.startConfiguration
>     (<generated>)
>              at
>     org.apache.geronimo.system.main.Daemon.doStartup(Daemon.java:297)
>              at
>     org.apache.geronimo.system.main.Daemon.<init>(Daemon.java:74)
>              at org.apache.geronimo.system.main.Daemon.main
>     (Daemon.java:377)
> 
> 
>              at
>     org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:403)
>              ... 15 more
>     Server shutdown begun              tartup failed
>     Server shutdown completed
> 
> 
> 
> 

Mime
View raw message