lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Satya Marivada <satya.chaita...@gmail.com>
Subject obfuscated password error
Date Mon, 18 Mar 2019 15:12:41 GMT
Hi All,

Using solr-6.3.0, to obfuscate the password, have used jetty util to
generate obfuscated password


java -cp jetty-util-9.3.8.v20160314.jar
org.eclipse.jetty.util.security.Password mypassword


The output has been used in solr.in.sh as below


SOLR_SSL_KEY_STORE=/sanfs/mnt/vol01/solr/solr-6.3.0/server/etc/solr-ssl.keystore.jks

SOLR_SSL_KEY_STORE_PASSWORD="OBF:1bcd1l161lts1ltu1uum1uvk1lq41lq61k221b9t"

SOLR_SSL_TRUST_STORE=/sanfs/mnt/vol01/solr/solr-6.3.0/server/etc/solr-ssl.keystore.jks

SOLR_SSL_TRUST_STORE_PASSWORD="OBF:1bcd1l161lts1ltu1uum1uvk1lq41lq61k221b9t"

Solr does not start fine with below exception, any suggestions? If I use
the plain text password, it works fine. One more thing is that the same
setup with obfuscated password works in other environments except one which
got this exception. Recently system level patches are applied, just saying
though dont think that could have impact,

Caused by: java.net.SocketException:
java.security.NoSuchAlgorithmException: Error constructing implementation
(algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextIm
pl$DefaultSSLContext)
        at
javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:248)
        at
javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:255)
        at
org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:513)
        at
org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:383)
        at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:165)
        at
org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
        at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
        at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
        at
org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
        at
org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:498)
        ... 11 more
Caused by: java.security.NoSuchAlgorithmException: Error constructing
implementation (algorithm: Default, provider: SunJSSE, class:
sun.security.ssl.SSLContextImpl$DefaultSSLContext)
        at java.security.Provider$Service.newInstance(Provider.java:1617)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
        at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)


at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:214)
        at org.eclipse.jetty.start.Main.start(Main.java:457)
        at org.eclipse.jetty.start.Main.main(Main.java:75)
Caused by: java.io.IOException: Keystore was tampered with, or password was
incorrect
        at
sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:785)
        at
sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
        at
sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
        at
sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
        at java.security.KeyStore.load(KeyStore.java:1445)
        at
sun.security.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(TrustManagerFactoryImpl.java:226)
        at
sun.security.ssl.SSLContextImpl$DefaultManagersHolder.getTrustManagers(SSLContextImpl.java:877)
        at
sun.security.ssl.SSLContextImpl$DefaultManagersHolder.<clinit>(SSLContextImpl.java:854)
        at
sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:1019)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
        at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
        at java.security.Provider$Service.newInstance(Provider.java:1595)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)

Thanks,
Satya

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message