geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Bohn <joe.b...@earthlink.net>
Subject critical jetty keystore problems on 1.1.1
Date Mon, 31 Jul 2006 12:16:49 GMT

I'm still trying to figure out some critical problems with the keystore 
processing on jetty.

The most serious problem that I've yet to resolve is a problem with the 
lock/unlock of the keystore availability lock.   A subsequent server 
restart will fail because "Keystore 'geronimo-default' is locked".  It 
appears that we cannot recover from this error either.  Even if I change 
the config.xml for SSLConnector to load="false", restart the server, 
unlock the keystore/key (again) I still get the same failure when I 
attempt to start with the SSLConnector enabled.

At first I thought this was because of the duplicate attribute entries 
referenced in an earlier post.  In fact, I'm pretty sure that I edited 
the config.xml to remove the "null" entries and was able to get the 
server started. However, I have recently been unable to recover from 
this error using the same mechanism.  In fact it seems to create more 
problems because after removing the null entries I now get an 
UnrecoverableKeyException.

Any advice or recommendations?  I'm beginning to wonder if we should 
disable the keystore portlet for 1.1.1 so that the user can't shoot 
himself in the foot.

Joe

Mime
View raw message