Closed as not planned
Description
JSS fails to establish an SSL connection for Cassandra. This may be required by PKI ACME in certain environments.
Steps to reproduce:
- Install JSS 4.7 and DataStax Java Driver 4.7.2.
- Prepare a Cassandra database.
- Prepare a client application similar to this example.
- Run the client application.
Actual result: The client application failed to connect to Cassandra database over SSL.
Expected result: The client application should be able to connect to Cassandra database over SSL.
Additional info: The client application showed the following stack trace:
com.datastax.oss.driver.api.core.DriverExecutionException
at com.datastax.oss.driver.internal.core.util.concurrent.CompletableFutures.getUninterruptibly(CompletableFutures.java:152)
at com.datastax.oss.driver.api.core.session.SessionBuilder.build(SessionBuilder.java:633)
at org.dogtagpki.acme.database.CassandraDatabase.init(CassandraDatabase.java:90)
at org.dogtagpki.acme.server.ACMEEngine.initDatabase(ACMEEngine.java:264)
at org.dogtagpki.acme.server.ACMEEngine.start(ACMEEngine.java:417)
at org.dogtagpki.acme.server.ACMEEngine.contextInitialized(ACMEEngine.java:1067)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4690)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5151)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:717)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:688)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:705)
at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:631)
at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1831)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:112)
at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:526)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:425)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1576)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:309)
at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:123)
at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:423)
at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:366)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:936)
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:841)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1384)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1374)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:909)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:262)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:421)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.startup.Catalina.start(Catalina.java:633)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:343)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:474)
Caused by: java.security.KeyStoreException: Unable to initialize JSSKeyManagerFactory with key store from non-JSS provider.
at org.mozilla.jss.provider.javax.crypto.JSSKeyManagerFactory.engineInitKeyStore(JSSKeyManagerFactory.java:54)
at org.mozilla.jss.provider.javax.crypto.JSSKeyManagerFactory.engineInit(JSSKeyManagerFactory.java:26)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
at com.datastax.oss.driver.internal.core.config.cloud.CloudConfigFactory.createKeyManagerFactory(CloudConfigFactory.java:212)
at com.datastax.oss.driver.internal.core.config.cloud.CloudConfigFactory.createSslContext(CloudConfigFactory.java:198)
at com.datastax.oss.driver.internal.core.config.cloud.CloudConfigFactory.createCloudConfig(CloudConfigFactory.java:130)
at com.datastax.oss.driver.api.core.session.SessionBuilder.buildDefaultSessionAsync(SessionBuilder.java:671)
at com.datastax.oss.driver.api.core.session.SessionBuilder.buildAsync(SessionBuilder.java:619)
... 50 more
Caused by: java.security.KeyStoreException: Unable to initialize JSSKeyManagerFactory with key store from non-JSS provider.
at org.mozilla.jss.provider.javax.crypto.JSSKeyManagerFactory.engineInitKeyStore(JSSKeyManagerFactory.java:49)
... 57 more
The stack trace points to the following code in DataStax Java Driver:
https://github.com/datastax/java-driver/blob/4.7.2/core/src/main/java/com/datastax/oss/driver/internal/core/config/cloud/CloudConfigFactory.java#L212