- Revenera Community
- :
- FlexNet Embedded
- :
- FlexNet Embedded Knowledge Base
- :
- Obfuscated Keystore password not getting decrypted in LLS 2024.06 onwards
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Obfuscated Keystore password not getting decrypted in LLS 2024.06 onwards
Obfuscated Keystore password not getting decrypted in LLS 2024.06 onwards
Summary
LLS set up in HTTPS mode is unable to start when an obfuscated keystore password is used in local-configuration.yaml configuration file.
The issue is being observed in LLS 2024.06 version onwards.
Symptoms
When LLS is configured to run in HTTPS mode with a certificate , the keystore password needs to be passed on to the local configuration.yaml config file. The keystore password can be obfuscated/hashed using the below
java -jar flexnetls.jar -password <password>
If the obfuscated keystone password is used on the local-configuration.yaml , the LLS is unable to start or install as a service. The issue occurs in both console mode and running as a service.
Below error is thrown by LLS :
2024-08-06T07:54:55,974Z WARN - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'undertowServletWebServerFactory' defined in com.flexnet.glservice.UllsConfiguration: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate
Steps to Reproduce
- Produce producer-settings.xml and configure local-configuration.yaml to run LLS in HTTPs mode.
- Obfuscate the keystore password using java -jar flexnetls.jar -password <password>
- Use the obfuscated password as the keystore password in the local-configuration.yaml HTTPS in section. Attaching a screenshot of the configuration.
Start LLS in console mode or install it as a service. LLS will throw an error of "Unable to start web server"
Workaround
- Currently workaround for running LLS in HTTPS mode is to use the keystore-password as plaintext and not obfuscated in the local-configuration.yaml config file.
example :
keystore-password: keystorepassword - start the LLS in console mode or installs as a service.
- Otherwise, LLS 2024.05 can be used.
Fix Version and Resolution
The bug is fixed in the 2024.08 release of LLS.