Confluence 10 can't read encrypted certificate password on server.xml

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: High
    • None
    • Affects Version/s: 10.2.2
    • Component/s: Data Center - Deployments
    • None
    • Severity 2 - Major

      Problem

      Confluence cannot read encrypted values like the keystore password in the Tomcat v10 Connector.

      Environment

      Confluence 10.2

      Steps to Reproduce

      1. Install Confluence 10.2
      2. Terminate SSL at Tomcat
      3. Encrypt the keystore password in server.xml 

      Expected Results

      Confluence will be able to read the encrypted password.

      Actual Results

      Confluence fails to read the encrypted password with the following error:

      DD-MM-YYY HH:MM:SS SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector["https-jsse-nio2-8443"]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1073)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122)
 ...
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:804)
...
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at java.base/sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:802)
... 26 more

       

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

      Notes

      see Summary

            Assignee:
            Unassigned
            Reporter:
            Diego Patrignani
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: