hi there
I have Openfire 3.6.4. running on a OpenVZ (ubuntu 8.04) VE (with postgresql).
Whenever I reboot the VE, the certificates (generated self-signed certificates in the openfire webadmin interface
get corrupted. In the webinterface ist says
‘Unable to access certificate store. The keystore may be corrupt.’
The /var/log/openfire/error.log says:
2009.08.11 15:01:28 [org.jivesoftware.openfire.net.SSLConfig.(SSLConfig.java:105)] SSLConfig startup problem.
storeType: [jks]
keyStoreLocation: [/usr/share/openfire/resources/security/keystore]
keypass: [changeit]
s2sTrustStoreLocation: [/usr/share/openfire/resources/security/truststore]
s2sTrustpass: [changeit]
java.io.EOFException
at java.io.DataInputStream.readInt(DataInputStream.java:375)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:628)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
at org.jivesoftware.openfire.net.SSLConfig.(SSLConfig.java:100)
at org.jivesoftware.openfire.spi.ConnectionManagerImpl.isClientSSLListenerEnabled( ConnectionManagerImpl.java:584)
at org.jivesoftware.openfire.spi.ConnectionManagerImpl.createClientSSLListeners(Co nnectionManagerImpl.java:379)
at org.jivesoftware.openfire.spi.ConnectionManagerImpl.createListeners(ConnectionM anagerImpl.java:92)
at org.jivesoftware.openfire.spi.ConnectionManagerImpl.start(ConnectionManagerImpl .java:826)
at org.jivesoftware.openfire.XMPPServer.startModules(XMPPServer.java:569)
at org.jivesoftware.openfire.XMPPServer.start(XMPPServer.java:434)
at org.jivesoftware.openfire.XMPPServer.(XMPPServer.java:161)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessor Impl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructor AccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:106)
at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:51)
2009.08.11 15:01:28 [org.jivesoftware.openfire.container.AdminConsolePlugin.startup(AdminConsolePlu gin.java:125)]
java.io.IOException
at org.jivesoftware.openfire.net.SSLConfig.getKeyStore(SSLConfig.java:268)
at org.jivesoftware.openfire.container.AdminConsolePlugin.startup(AdminConsolePlug in.java:98)
at org.jivesoftware.openfire.container.AdminConsolePlugin.initializePlugin(AdminCo nsolePlugin.java:174)
at org.jivesoftware.openfire.container.PluginManager.loadPlugin(PluginManager.java :448)
at org.jivesoftware.openfire.container.PluginManager.access$300(PluginManager.java :47)
at org.jivesoftware.openfire.container.PluginManager$PluginMonitor.run(PluginManag er.java:1032)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:317)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:150)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101 (ScheduledThreadPoolExecutor.java:98)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.runPeriodi c(ScheduledThreadPoolExecutor.java:181) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Schedu ledThreadPoolExecutor.java:205)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
I’ve seen similar problem reports, but so far no real solutions (‘remove the keystore file, restart openfire and generate new certificates’ is no real solution).
I compared the keystore file before and after the reboot and it’s the same (i.e. same size, same md5sum, same timestamps, same permissions).
any hint or solution is welcomed.
andi