Invalid keystores from Tomcat

cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Former Member

Invalid keystores from Tomcat

Jump to solution

I have installed Alfresco community services version using this guide and on starting tomcat service the alfresco throws an error on Invalid Keystores. I have generated the keystores using the documentation from alfresco but it seems not to solve the problem. What could be the issue? I have attached the alfresco.log output below.

2020-11-23 08:58:05,786 WARN  [org.alfresco.heartbeat.datasender.HBDataSenderServiceBuilder] [localhost-startStop-1] Setting the Heartbeat sender cron with property 'heartbeat.sender.cronExpression' is no longer supported.
2020-11-23 08:58:06,076 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Ignoring script patch (post-Hibernate): patch.db-V4.2-metadata-query-indexes
2020-11-23 08:58:06,076 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Ignoring script patch (post-Hibernate): patch.db-V5.1-metadata-query-indexes
2020-11-23 08:58:06,077 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Ignoring script patch (post-Hibernate): patch.db-V5.2-remove-jbpm-tables-from-db
2020-11-23 08:58:06,593 INFO  [org.alfresco.repo.admin] [localhost-startStop-1] Using database URL 'jdbc:postgresql://localhost:5801/alfresco' with user 'alfresco'.
2020-11-23 08:58:06,594 INFO  [org.alfresco.repo.admin] [localhost-startStop-1] Connected to database PostgreSQL version 11.4
2020-11-23 08:58:14,636 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]
2020-11-23 08:58:14,775 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1] complete
2020-11-23 08:58:14,945 ERROR [org.alfresco.repo.content.transform.LocalTransformServiceRegistry] [QuartzScheduler_Worker-2] 10230000 Failed to connect or to read the response from T-Engine on http://localhost:8090/transform/config
2020-11-23 08:58:17,653 INFO  [org.springframework.extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor Repository Template Processor for extension ftl
2020-11-23 08:58:17,659 INFO  [org.springframework.extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor Repository Script Processor for extension js
2020-11-23 08:58:19,145 ERROR [org.alfresco.repo.content.transform.LocalTransformServiceRegistry] [QuartzScheduler_Worker-2] 10230001 Failed to connect or to read the response from T-Engine on http://localhost:8093/transform/config
2020-11-23 08:58:20,976 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'ContentStore' subsystem, ID: [ContentStore, managed, unencrypted]
2020-11-23 08:58:21,054 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'ContentStore' subsystem, ID: [ContentStore, managed, unencrypted] complete
2020-11-23 08:58:21,090 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Connecting to database: jdbc:postgresql://localhost:5999/alfresco, UserName=alfresco, PostgreSQL JDBC Driver
2020-11-23 08:58:21,090 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Schema managed by database dialect org.alfresco.repo.domain.dialect.PostgreSQLDialect.
2020-11-23 08:58:21,112 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Applied patches detected: 10
2020-11-23 08:58:21,150 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Checking and patching Alfresco tables took 37 ms
2020-11-23 08:58:21,153 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Activiti tables need to be checked for patches
2020-11-23 08:58:21,186 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Checking and patching Activiti tables took 33 ms
2020-11-23 08:58:21,219 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Checking that all patches have been applied took 32 ms
2020-11-23 08:58:21,220 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] Updating the DB schema took 126 ms
2020-11-23 08:58:21,222 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] [localhost-startStop-1] No changes were made to the schema.
2020-11-23 08:58:21,384 ERROR [org.springframework.web.context.ContextLoader] [localhost-startStop-1] Context initialization failed
org.alfresco.error.AlfrescoRuntimeException: 10230003 Keystores are invalid
	at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:78)
	at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:1)
	at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:450)
	at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:319)
	at org.alfresco.encryption.EncryptionChecker.onBootstrap(EncryptionChecker.java:67)
	at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEventInternal(SafeApplicationEventMulticaster.java:221)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:186)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:206)
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:402)
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:359)
	at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:896)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:552)
	at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:400)
	at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:291)
	at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:103)
	at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:70)
	at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4689)
	at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5155)
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:743)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:719)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:705)
	at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:970)
	at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1840)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.alfresco.error.AlfrescoRuntimeException: 10230002 Failed to create key: metadata
 in key store: 
   Location: classpath:alfresco/keystore/keystore
   Provider: null
   Type:     JCEKS
	at org.alfresco.encryption.AlfrescoKeyStoreImpl.createKey(AlfrescoKeyStoreImpl.java:661)
	at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:907)
	at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:188)
	at org.alfresco.encryption.KeyStoreChecker.validateKeyStores(KeyStoreChecker.java:49)
	at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:73)
	... 29 more
Caused by: java.lang.NullPointerException
	at org.alfresco.encryption.AlfrescoKeyStoreImpl.getSecretKey(AlfrescoKeyStoreImpl.java:770)
	at org.alfresco.encryption.AlfrescoKeyStoreImpl.createKey(AlfrescoKeyStoreImpl.java:639)
	... 33 more
2020-11-23 08:58:21,953 WARN  [org.springframework.web.context.support.XmlWebApplicationContext] [localhost-startStop-1] Exception thrown from ApplicationListener handling ContextClosedEvent
java.lang.NullPointerException
	at org.alfresco.repo.workflow.activiti.ActivitiEngineInitializer.onShutdown(ActivitiEngineInitializer.java:65)
	at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:67)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEventInternal(SafeApplicationEventMulticaster.java:221)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:191)
	at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:206)
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:402)
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:359)
	at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:1009)
	at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:975)
	at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:516)
	at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:112)
	at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4735)
	at org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5399)
	at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:257)
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:187)
	at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:743)
	at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:719)
	at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:705)
	at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:970)
	at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1840)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:834)
2020-11-23 08:58:22,059 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Stopping 'ContentStore' subsystem, ID: [ContentStore, managed, unencrypted]
2020-11-23 08:58:22,061 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Stopped 'ContentStore' subsystem, ID: [ContentStore, managed, unencrypted]
2020-11-23 08:58:22,565 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Stopping 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]
2020-11-23 08:58:22,565 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Stopped 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]
2020-11-23 08:58:23,191 ERROR [org.alfresco.repo.content.transform.LocalTransformServiceRegistry] [QuartzScheduler_Worker-2] 10230004 Failed to connect or to read the response from T-Engine on http://localhost:8091/transform/config
2020-11-23 08:58:23,267 ERROR [org.alfresco.repo.content.transform.LocalTransformServiceRegistry] [QuartzScheduler_Worker-2] Config read failed. Illegal access: this web application instance has been stopped already. Could not load [org/apache/http/client/version.properties]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.
java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. Could not load [org/apache/http/client/version.properties]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.
	at org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading(WebappClassLoaderBase.java:1378)
	at org.apache.catalina.loader.WebappClassLoaderBase.getResourceAsStream(WebappClassLoaderBase.java:1107)
	at org.apache.http.util.VersionInfo.loadVersionInfo(VersionInfo.java:233)
	at org.apache.http.util.VersionInfo.getUserAgent(VersionInfo.java:319)
	at org.apache.http.impl.client.HttpClientBuilder.build(HttpClientBuilder.java:1057)
	at org.apache.http.impl.client.HttpClients.createDefault(HttpClients.java:56)
	at org.alfresco.transform.client.registry.CombinedConfig.addRemoteConfig(CombinedConfig.java:134)
	at org.alfresco.transform.client.registry.CombinedConfig.addRemoteConfig(CombinedConfig.java:115)
	at org.alfresco.repo.content.transform.LocalTransformServiceRegistry.readConfig(LocalTransformServiceRegistry.java:141)
	at org.alfresco.transform.client.registry.TransformServiceRegistryImpl$1.readConfig(TransformServiceRegistryImpl.java:80)
	at org.alfresco.util.ConfigScheduler.readConfigAndReplace(ConfigScheduler.java:208)
	at org.alfresco.util.ConfigScheduler$ConfigSchedulerJob.execute(ConfigScheduler.java:64)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
1 Solution

Accepted Solutions
angelborroy
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

Hope this helps:

https://www2.slideshare.net/angelborroy/alfresco-certificates

That "keystore" is not for SSL / mTLS configuration, but for encryption. As you're not using encryption (Community doesn't have this feature) you can use default "keystore" for that.

Hyland Developer Evangelist

View solution in original post

12 Replies
angelborroy
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

Are you using 201911-GA version?

Hyland Developer Evangelist
Anonymous
Former Member

Re: Invalid keystores from Tomcat

Jump to solution

Yes. I think so. I downloaded it from here.

angelborroy
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

That should be configured by default, using the "keystore" file inside the "alfresco-repository-*.jar" from alfresco.war.

What version of "alfresco-repository.jar" is deployed in your WEB-INF/lib folder for alfresco?

Hyland Developer Evangelist
Anonymous
Former Member

Re: Invalid keystores from Tomcat

Jump to solution

alfresco-repository-7.134.1

angelborroy
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

That's weird... It looks like the "keystore" files are part of that JAR file:

https://github.com/Alfresco/alfresco-repository/tree/alfresco-repository-7.134.1/src/main/resources/...

Hyland Developer Evangelist
Anonymous
Former Member

Re: Invalid keystores from Tomcat

Jump to solution

Thanks for sharing the link. I generated custom keys using the generator what comes with the download. I have had a look at the link. Therefore, does this mean that I should not generate custom keys and just use the ones that have come packaged with the ACS?

angelborroy
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

Hope this helps:

https://www2.slideshare.net/angelborroy/alfresco-certificates

That "keystore" is not for SSL / mTLS configuration, but for encryption. As you're not using encryption (Community doesn't have this feature) you can use default "keystore" for that.

Hyland Developer Evangelist
Anonymous
Former Member

Re: Invalid keystores from Tomcat

Jump to solution

Thank you for this information and for the informative reference. 

EddieMay
Alfresco Employee

Re: Invalid keystores from Tomcat

Jump to solution

Hi @Anonymous 

Glad you resolved your issue - thanks for updating your post.

Best wishes,

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!