IOException reading keystore for Web Service
Issue
We've configured a CXF Web Service client to call a Web Service secured with SSL. Here is out WS client configuration:
<http:conduit name="*.http-conduit">
<!--
NOTE: CNCheck is used to verify that the server's hostname matches the
DN in the presented certificate. This should NOT be diabled in a
production environment.
-->
<http:tlsClientParameters disableCNCheck="true">
<sec:keyManagers keyPassword="soaesb">
<sec:keyStore type="JKS" password="soaesb"
resource="/usr/local/fuse/esb/conf/esp-system.ks"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="soaesb"
resource="/usr/local/fuse/esb/conf/esp-system.ts"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<!-- these filters ensure that a ciphersuite with
export-suitable or null encryption is used,
but exclude anonymous Diffie-Hellman key change as
this is vulnerable to man-in-the-middle attacks -->
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
However, when we restart, we get this exception stack trace:
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory': Cannot create inner bean 'httpj:engine#ec9441' of type [org.apache.cxf.transport.http_jetty.spring.JettyHTTPServerEngineBeanDefinitionParser$SpringJettyHTTPServerEngine] while setting bean property 'enginesList' with key [0]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'httpj:engine#ec9441': Cannot create inner bean '(inner bean)' of type [org.apache.cxf.transport.http_jetty.spring.JettyHTTPServerEngineBeanDefinitionParser] while setting bean property 'tlsServerParameters'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#2': Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [public static org.apache.cxf.configuration.jsse.spring.TLSServerParametersConfig org.apache.cxf.transport.http_jetty.spring.JettyHTTPServerEngineBeanDefinitionParser.createTLSServerParametersConfig(java.lang.String) throws java.security.GeneralSecurityException,java.io.IOException] threw exception; nested exception is java.io.IOException: Could not load keystore resource /usr/local/fuse/esp-system-certificates/esp-system.ks
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:230)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:117)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:287)
Environment
FUSE ESB 3.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
