Spring boot enable Https : SSL Keystore Error - spring

I am trying to enable https in my spring boot application but getting 'Keystore was tampered with, or password was incorrect' error. Following are the below configuration i have in my application properties file.
server.port=8083
server.ssl.enabled=true
server.ssl.key-store-type=JKS
server.ssl.key-store=C:\\Users\\abc.jks
server.ssl.key-store-password=C:\\Users\\password.txt
However when i am using TomcatServletWebServerFactory to redirect http to https with the below configuration in application properties it works fine without any issue. application starts on http 8081 and https 8083 ports.
server.port=8083
http.server.port= 8081
server.ssl.enabled=true
server.ssl.key-store-type=JKS
server.ssl.key-store=C:\\Users\\abc.jks
server.ssl.key-store-password=C:\\Users\\password.txt
I am not able to find root cause and resolve the issue. Please help me to find out what i am doing wrong.
**Spring boot : 2.3.2.RELEASE
tomcat-embed-core-9.0.37.jar:9.0.37
jdk1.8.0_111**
Below is the error.
[AsyncReporter{org.springframework.cloud.sleuth.zipkin2.sender.RestTemplateSender#355ce6a6}] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
Caused by: java.lang.IllegalArgumentException: Keystore was tampered with, or password was incorrect
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
Caused by: java.security.UnrecoverableKeyException: Password verification failed

You are missing key password.
server.ssl.key-password=yourpasswordhere

Related

weblogic.application.Mo: javax.naming.NameNotFoundException: While trying to look up /jdbc/Myds in /app/webapp/file.war.; remaining name '/jdbc/Myds'

I'm trying to deploy a spring app on a weblogic server; the weblogic server is well configured.
I specified the datasource and I choosed my server in the target of the ds.
In my spring.properties file, here is the JNDI name:
JNDI_NAME=java:jdbc/Myds
I also tried "JNDI_NAME=jdbc/Myds" but it didn't work.
You can see the logs:
at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
Caused By: javax.naming.NameNotFoundException: While trying to look up /jdbc/Myds in /app/webapp/file.war/311012552.; remaining name '/jdbc/Myds'
at weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1180)
at weblogic.jndi.internal.ApplicationNamingNode.lookup(ApplicationNamingNode.java:143)
at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:253)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:426)
at weblogic.jndi.factories.java.ReadOnlyContextWrapper.lookup(ReadOnlyContextWrapper.java:45)
at weblogic.jndi.internal.AbstractURLContext.lookup(AbstractURLContext.java:130)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at org.springframework.jndi.JndiTemplate.lambda$lookup$0(JndiTemplate.java:156)
at org.springframework.jndi.JndiTemplate$$Lambda$239/1681270536.doInContext(Unknown Source)
at org.springframework.jndi.JndiTemplate.execute(JndiTemplate.java:91)
at org.springframework.jndi.JndiTemplate.lookup(JndiTemplate.java:156)
I'm new to weblogic and I need help, Thanks

IllegalStateException: 403 error on Sonarcube via VPN

Sonarcube server is behind our company VPN server. If I connect to VPN, I can access sonar in browser without any issues. But while connecting from sonarCLI or IntelliJ plugin getting the following error
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
... 155 more
Caused by: java.lang.IllegalStateException: Status returned by url [https://sonarqube.ourtesco.com/batch/index] is not valid: [403]
at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:118)
at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
... 158 more
Adding a proxy while connecting to the server solved the issue.

Redis errors in Kube cluster

When deploying to an environment in k8s cluster this is the error I'm getting in Jenkins. I've checked my config file also don't see anything weird there. The below test cases fail and the cause points to DNS resolution. The unit tests are just the endpoint tested via mockMvc.
I'm not sure how to put my finger where in K8s its failing but the stack trace points to something in the cluster not being traceable.
Anyway I can debug what is going wrong or ask the concerned person what needs to be investigated in the cluster?
public RedissonClient redisson(#Value("classpath:redission/redisson-dev.yaml") final Resource configFile)
throws IOException {
final var config = Config.fromYAML(configFile.getInputStream());
return Redisson.create(config);
}```
`ava.lang.IllegalStateException at DefaultCacheAwareContextLoaderDelegate.java:132
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException at ConstructorResolver.java:800
Caused by: org.springframework.beans.factory.BeanCreationException at ConstructorResolver.java:658
Caused by: org.springframework.beans.BeanInstantiationException at SimpleInstantiationStrategy.java:185
Caused by: java.net.UnknownHostException at DnsResolveContext.java:1014`
Caused by: java.net.UnknownHostException
Tells us that the host can't be resolved.

Trying java client for secure connection with Kerberose on CDP 7.1

Trying java client for secure connection with Kerberose on CDP 7.1 but it is failing to connect.
can someone one help with this error.
Caused by: java.io.IOException: java.lang.RuntimeException: Found no valid authentication method from options
at org.apache.hadoop.hbase.ipc.IPCUtil.toIOE(IPCUtil.java:154)
... 13 more
Caused by: java.lang.RuntimeException: Found no valid authentication method from options
at org.apache.hadoop.hbase.ipc.RpcConnection.<init>(RpcConnection.java:112)
at org.apache.hadoop.hbase.ipc.NettyRpcConnection.<init>(NettyRpcConnection.java:89)
at org.apache.hadoop.hbase.ipc.NettyRpcClient.createConnection(NettyRpcClient.java:74)
at org.apache.hadoop.hbase.ipc.NettyRpcClient.createConnection(NettyRpcClient.java:40)
at org.apache.hadoop.hbase.ipc.AbstractRpcClient.getConnection(AbstractRpcClient.java:350)
at org.apache.hadoop.hbase.ipc.AbstractRpcClient.callMethod(AbstractRpcClient.java:419)
... 12 more

How can I pass a Kerberos ticket to Spring Yarn application

I am trying to run the Simple Single Project Yarn Application detailed here. I deployed the application as a jar file to our hadoop cluster. When trying to run, I am getting an exception, stack trace below:
[2015-06-04 14:10:45.866] boot - 13669 ERROR [main] --- SpringApplication: Application startup failed
java.lang.IllegalStateException: Failed to execute CommandLineRunner
at org.springframework.boot.SpringApplication.runCommandLineRunners(SpringApplication.java:680)
at org.springframework.boot.SpringApplication.afterRefresh(SpringApplication.java:695)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:322)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:961)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:950)
at com.aetna.ise.yarn.publish.Application.main(Application.java:21)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:53)
at java.lang.Thread.run(Thread.java:857)
Caused by: org.springframework.yarn.YarnSystemException: SIMPLE authentication is not enabled. Available:[TOKEN, KERBEROS]; nested exception is org.apache.hadoop.security.AccessControlException: SIMPLE authentication is not enabled. Available:[TOKEN, KERBEROS]
This is due to the fact that our cluster uses Kerberos authentication. Is there a way to pass the Kerberos ticket to the application in the Spring YARN code? I don't see any place to do that.
We can't currently delegate any tickets when application is submitted, but application itself can use kerberos.
This is explained in section http://docs.spring.io/spring-hadoop/docs/2.1.2.RELEASE/reference/html/springandhadoop-security.html#literal-spring-hadoop-security-literal-configuration-properties
For example something like shown below in application.yml(use principals from your cluster):
spring:
hadoop:
fsUri: hdfs://localhost:8020
resourceManagerHost: localhost
security:
userPrincipal: jvalkealahti/neo
userKeytab: /usr/local/hadoops/jvalkealahti.keytab
authMethod: kerberos
namenodePrincipal: hdfs/neo#LOCALDOMAIN
rmManagerPrincipal: yarn/neo#LOCALDOMAIN

Resources