I set the Connector properties as
LOGGER.debug("ksPath=>" + ksPath);
httpsConnector.setAttribute("keystoreFile",ksPath);
httpsConnector.setAttribute("keystorePass", keyStorePass);
httpsConnector.setAttribute("clientAuth", "false");
httpsConnector.setAttribute("sslProtocol", "TLS");
httpsConnector.setAttribute("sslEnabledProtocols", tlsProtocols);
httpsConnector.setAttribute("SSLEnabled", true);
Connector defaultConnector = tomcat.getConnector();
defaultConnector.setRedirectPort(port);
What I see in logs (when it runs)
ksPath=>jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore
However, the deployment fails and I see logs as
SEVERE: Failed to load keystore type JKS with path /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore due to /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore (No such file or directory)
java.io.FileNotFoundException: /shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore (No such file or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:146)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:413)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:319)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:577)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:517)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:462)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:209)
Observation
jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!/my.keystore
is different from
/shn/lp/jar:file:/shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar!my.keystore
the latter starts with /shn/lp/
However to assert, I see that the file is infact present in jar
jar -tvf /shn/lp/main-1.0-SNAPSHOT-jar-with-dependencies.jar | grep my.keystore
4704 Tue Jun 09 09:29:26 PDT 2015 my.keystore
What's up with it?
How do I resolve this issue?
Seems it does not understand the protocol, maybe because of the missing leading slash? Have you tried:
String ksPath = this.getClass().getResource("/my.keystore").getFile();
Related
I need to fix the problem of
SecurityException: Can not initialize cryptographic mechanism
Following up on OpenJDK 11 error "Can not initialize cryptographic mechanism", as its answer is unable to solve my problem
inspecting java.security.properties from within running JVM:
System.getProperty("java.security.properties");
It should be present and pointing at a file. Inspect that file and make sure it has the following property crypto.policy=unlimited and the folder called unlimited is available from where the policy file is.
However, I got null output for both java under Windows and Linux.
The above answer said that
it is <jre_home>/conf/security/policy/
and my situation is that I don't have jre however I do have the /conf/security/policy/ directory under java_home, for both java under Windows and Linux.
Directory of C:\Program Files\OpenJDK\jdk-18.0.1.1\conf\security\policy
04/25/2022 04:59 PM <DIR> .
04/25/2022 04:59 PM <DIR> ..
04/25/2022 04:59 PM <DIR> limited
04/25/2022 04:59 PM 2,390 README.txt
04/25/2022 04:59 PM <DIR> unlimited
1 File(s) 2,390 bytes
$ ls -l /home/foo/.sdkman/candidates/java/17.0.3-oracle/conf/security/policy
total 4
-rw-r----- 1 foo foo 2390 2022-03-09 17:40 READfoo.txt
drwxrwx--x 1 foo foo 4096 2022-06-03 12:45 limited
drwxrwx--x 1 foo foo 4096 2022-06-03 12:45 unlimited
See Cryptographic Strength Configuration ...and build the path with $JAVA_HOME.
On Linux the default paths are:
JDK8: $JAVA_HOME/jre/lib/security/java.security
JDK11: $JAVA_HOME/conf/security
JDK14: $JAVA_HOME/conf/security, mostly sym-linked to /etc/java-14-openjdk/security.
"Jurisdiction Policy File" java.security should have crypto.policy = unlimited set from JDK9 onwards; policies can be found $JAVA_HOME/conf/security/unlimited/default_US_export.policy.
So i have a Spring boot fat jar that has a config that needs to load a .pem file from an absolute path defined in application.properties file.
I defined the path like this:
security.jwt.public-key=/opt/samara/staging.pem
The usage is like this:
#Value("\${security.jwt.public-key}")
lateinit var publicKey: Resource
Here is the directory structure:
root#samara:/opt/samara# ls -lsh
-rwxr-xr-x 1 root root 44M Nov 27 07:50 app.jar
-rwxr-xr-x 1 root root 2.0K Nov 27 07:53 staging.pem
-rwxr-xr-x 1 root root 1.2K Nov 27 08:29 application.properties
But when i tried to run it like this:
root#samara:/opt/samara# java -jar app.jar
it failed with this:
Caused by: java.io.FileNotFoundException: Could not open ServletContext resource [/opt/samara/staging.pem]
at org.springframework.web.context.support.ServletContextResource.getInputStream(ServletContextResource.java:158) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
Actually, i copied those files from another machine and it runs perfectly in that machine but i don't know why it failed in the new machine. Thanks.
After reading this:
https://docs.spring.io/spring/docs/current/spring-framework-reference/core.html#resources
I changed the path definition to:
security.jwt.public-key=file:/opt/samara/staging.pem
And it worked!
I am new to tomcat and solr . So solr is running on the tomcat server . When I run the tomcat using the sudo service tomcat7 start then it works perfectly,gets deployed properly. But when I am doing it from eclipse using the tomcat7:run goal then it is giving me some problems like -
ERROR UpdateLog:120 - Failure to open existing log file (non fatal) /opt/solr-tomcat/solr/collection1/data/tlog/tlog.0000000000000000146:org.apache.solr.common.SolrException: java.io.FileNotFoundException: /opt/solr-tomcat/solr/collection1/data/tlog/tlog.0000000000000000146 (Permission denied)
ERROR UpdateLog:1441 - Error deleting file: /opt/solr-tomcat/solr/collection1/data/tlog/tlog.0000000000000000146
2017-07-06 14:39:05 ERROR UpdateLog:120 - Failure to open existing log file (non fatal) /opt/solr-tomcat/solr/collection1/data/tlog/tlog.0000000000000000147:org.apache.solr.common.SolrException: java.io.FileNotFoundException: /opt/solr-tomcat/solr/collection1/data/tlog/tlog.0000000000000000147 (Permission denied)
Caused by: org.apache.solr.common.SolrException: Error opening new searcher
Caused by: java.io.FileNotFoundException: /opt/solr-tomcat/solr/collection1/data/index/write.lock (Permission denied)
I changed the permission of that folder as well now it is a tomcat7.
In the solr-tomcat folder.
drwxr-xr-x 3 tomcat7 tomcat7 4096 Jul 6 14:11 solr/
-rw-r--r-- 1 tomcat7 tomcat7 2118 Jul 6 14:11 solr.xml
Can any one please help me with this ?
Solr 5.0+ Support for deploying Solr into servers (like tomcat )no longer supported.
Solr should be a standalone server, follow these steps
I have downloaded fitnesse-standalone.jar, and tried to run using below command
java -jar fitnesse-standalone.jar
Unfortunately I am getting below exception,
C:\Program Files (x86)\Java\jdk1.6.0_14\bin>java -jar fitnesse-standalone.jar
Mar 18, 2014 4:16:54 PM fitnesse.ConfigurationParameter loadProperties
INFO: No configuration file found (C:\Program Files (x86)\Java\jdk1.6.0_14\bin\p
lugins.properties)
root page: fitnesse.wiki.fs.FileSystemPage at ./FitNesseRoot
logger: none
authenticator: fitnesse.authentication.PromiscuousAuthenticator
page factory: fitnesse.html.template.PageFactory
page theme: fitnesse_straight
Starting FitNesse on port: 80
Exception in thread "main" java.io.FileNotFoundException: .\FitNesseRoot\updateL
ist (The system cannot find the path specified)
at java.io.FileOutputStream.open(Native Method)
at java.io.FileOutputStream.<init>(FileOutputStream.java:179)
at java.io.FileOutputStream.<init>(FileOutputStream.java:131)
at fitnesse.updates.FileUpdate.copyResource(FileUpdate.java:45)
at fitnesse.updates.FileUpdate.doUpdate(FileUpdate.java:31)
at fitnesse.updates.UpdaterImplementation.getUpdateFilesFromJarFile(Upda
terImplementation.java:71)
at fitnesse.updates.UpdaterImplementation.createUpdateAndDoNotCopyOverLi
sts(UpdaterImplementation.java:62)
at fitnesse.updates.UpdaterImplementation.<init>(UpdaterImplementation.j
ava:21)
at fitnesseMain.FitNesseMain.update(FitNesseMain.java:66)
at fitnesseMain.FitNesseMain.launchFitNesse(FitNesseMain.java:59)
at fitnesseMain.FitNesseMain.launchFitNesse(FitNesseMain.java:48)
at fitnesseMain.FitNesseMain.main(FitNesseMain.java:32)
Please help!
Regards
Rajib
You need to point to the directory where the fitnesse-standalone jar is located in. Also, there's is a good chance that port 80 is already being used. Therefore, try using a different port using the -p option in that case.
Example: -jar C:/fitnesse-standalone.jar -p 8081
You may want to run java -jar fitnesse-standalone.jar from the directory where you copied a file fitnesse-standalone.jar.
To avoid an error of running java you need to add java folder to the environment variables.
NB 7.4RC2, Win 7
In Java Control Panel, the "Keep Temporary Internet Files" checkbox is checked.
I am signing my Web Start application with trusted certificates.
However, the 3rd party jars in dist/lib seem to be unsigned.
C:\Program Files (x86)\Java\jdk1.7.0_40\bin\jarsigner" -verify
javafx-dialogs-0.0.3.jar
jar is unsigned. (signatures missing or not parsable)
So when I run my application in the debugger, it refuses to start complaining of unsigned jars
ExitException[ 3]com.sun.deploy.net.JARSigningException: Found unsigned entry in resource: file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar
I get the same error when I run with self signed jars, “Found unsigned entry in resource”. It is as if NetBeans stopped signing the jars.
I deleted all temporary files in the Java cache from Java Control Panel. Now it fails to run clicking both Run and Debug in the IDE, and also copying the dist folder to the desktop and clicking the jnlp file.
ExitException[ 3]com.sun.deploy.net.JARSigningException: Found unsigned entry in resource: file:/C:/Users/me/Desktop/dist/lib/RXTXcomm.jar
while building:
Warning: The signer certificate will expire within six months.
Signing JAR:
C:\Users\me\Documents\NetBeansProjects\MyApp\dist\lib\RXTXcomm.jar to
C:\Users\me\Documents\NetBeansProjects\MyApp\dist\lib\RXTXcomm.jar as
my_key54321
while running:
network: Cache entry found [url: file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar
cache: Resource file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar has expired.
network: ResponseCode for file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar : 200
network: Encoding for file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar : null
CacheEntry[file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar]: updateAvailable=false,lastModified=Wed Feb 04 19:07:10 CST 2009,length=60866
........
security: Trust for:
file:/C:/Users/me/Documents/NetBeansProjects/MyApp/dist/lib/RXTXcomm.jar
has ended: Wed Dec 31 18:00:00 CST 1969
Does anyone know what is causing this?
Update: In NetBeans, I selected Project Properties and under Run, selected Run As “default configuration”. Earlier, Run As “WebStart” was selected. Now it starts normally. Was it a NetBeans bug or a feature?
WebVPN Java Plugins fail to load after upgrade to Java 7 Update 45 with the following General Exception error - 'com.sun.deploy.net.JARSigningException: Found unsigned entry in resource:
Conditions: Windows or Mac OSX machines using Java 7 Update 45.
Workaround: 1) Disable the option 'Keep temporary files on my computer' on the Java Control Panel -> General -> Settings. This works for both Mac OSX and Windows.
or
2) Downgrade Java to version 7 Update 40 or below