Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Hyland Connect
- Enterprise Platforms
- Alfresco
- Alfresco Forum
- Re: Error Keystores are invalid when upgrade from ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Error Keystores are invalid when upgrade from 4.1.1 to 5.2.4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2023 06:37 AM
Hi,
I am trying to migrate an Alfresco installation from version 4.1.1 to 5.2.4 (and then to 7.1).
I have followed the steps outlined at https://docs.alfresco.com/content-services/5.2/upgrade/#upgrading-alfresco-content-services. This is a one node installation.
I have done a clean install on a new server with version 5.2.4. After checking that it works correctly, I have configured alfresco-global.properties to point to the original database (from version 4.1.1) and to the original contentstore (from version 4.1.1), and I have deleted the index files so that they are generated again:
- /opt/alfresco-content-services/alf_data/solr4/index/workspace/SpacesStore/*
- /opt/alfresco-content-services/alf_data/solr4/index/archive/SpacesStore/*
- /opt/alfresco-content-services/alf_data/solr4/model/* /opt/alfresco-content-services/alf_data/solr4/model/*
- /opt/alfresco-content-services/alf_data/solr4/content/*
The original version (4.1.1) was configured with solr 1.4, and in version 5.2.4 I am starting it with solr 4.
When I boot, the problem it shows me in catalina.out is:
org.alfresco.error.AlfrescoRuntimeException: 01070024 Keystores are invalid
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl$1.execute(AlfrescoContentKeyStoreImpl.java:89)
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl$1.execute(AlfrescoContentKeyStoreImpl.java:79)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:464)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:333)
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl.onApplicationEvent(AlfrescoContentKeyStoreImpl.java:78)
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl.onApplicationEvent(AlfrescoContentKeyStoreImpl.java:41)
at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEventInternal(SafeApplicationEventMulticaster.java:214)
at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:185)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:334)
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:954)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:482)
at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:410)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:306)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112)
at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:70)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5110)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5633)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:145)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:1015)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:991)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:712)
at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:2002)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.alfresco.encryption.MissingKeyException: Key authorization is missing from keystore system://system/28b04a08-4862-443b-8966-285ed1b28133
at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:902)
at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:188)
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl.initiateAndValidate(AlfrescoContentKeyStoreImpl.java:118)
at org.alfresco.enterprise.repo.authorization.encryption.AlfrescoContentKeyStoreImpl$1.execute(AlfrescoContentKeyStoreImpl.java:84)
... 27 moreI have tried putting the original keystore folder (from version 4.1.1) but it still crashes.
If I boot again but pointing to the initial database of the 5.4.2 installation with the keystore folder of version 4.1.1.1 it boots without problems.
What is the reason for this error?
Thank you very much.
Labels:
- Labels:
-
Alfresco Content Services
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2023 04:25 AM
Take the keystore folder from 5.2.4. It must be in the alf_data folder by default (dir.keystore=${dir.root}/keystore). As I understand when you try to start upgrade, you point contentsotre to old 4.1.1 alf_data with old 4.1.1 keystore.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2023 08:04 AM
Hello, thank you for your reply.
I try to boot pointing to the version 4.1 contenstore and to the version 4.1 database. Regarding the keystore, I have tried with both, version 5.4.2 and version 4.1, and I always get the error:
org.alfresco.error.AlfrescoRuntimeException: 01080024 Keystores are invalid ... Caused by: org.alfresco.encryption.MissingKeyException: Key authorization is missing from keystore system://system/28b04a08-4862-443b-8966-285ed1b28133
Something curious, if I add this configuration to alfresco-global.properties for the clean install of alfresco 5.4.2:
# encryption
solr.secureComms=https
# ssl encryption
encryption.ssl.keystore.location=${dir.keystore}/ssl.keystore
encryption.ssl.keystore.type=JCEKS
encryption.ssl.keystore.keyMetaData.location=
encryption.ssl.truststore.location=${dir.keystore}/ssl.truststore
encryption.ssl.truststore.type=JCEKS
encryption.ssl.truststore.keyMetaData.location=
# secret key keystore configuration
encryption.keystore.location=${dir.keystore}/keystore
encryption.keystore.keyMetaData.location=
encryption.keystore.type=JCEKSI get the following error:
org.alfresco.error.AlfrescoRuntimeException: 01080000 Keystores are invalid ... Caused by: org.alfresco.encryption.MissingKeyException: Key metadata is missing from keystore /opt/alfresco-content-services/alf_data/keystore/keystore
And I have this configuration as well:
dir.root=/opt/alfresco-content-services/alf_data
dir.keystore=${dir.root}/keystoreIt's as if it doesn't really take the files I have in: /opt/alfresco-content-services/alf_data/keystore
browser.p12 CreateSSLKeystores.txt generate_keystores.bat generate_keystores.sh keystore keystore-passwords.properties readme.txt ssl.keystore ssl-keystore-passwords.properties ssl.truststore ssl-truststore-passwords.properties
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-08-2023 10:43 AM
If I add this configuration to the alfresco-global.properties file:
# encryption
solr.secureComms=https
# ssl encryption
encryption.ssl.keystore.location=${dir.keystore}/ssl.keystore
encryption.ssl.keystore.type=JCEKS
encryption.ssl.truststore.location=${dir.keystore}/ssl.truststore
encryption.ssl.truststore.type=JCEKS
encryption.ssl.keystore.keyMetaData.location=${dir.keystore}/ssl-keystore-passwords.properties
encryption.ssl.truststore.keyMetaData.location=${dir.keystore}/ssl-truststore-passwords.properties
# secret key keystore configuration
encryption.keystore.location=${dir.keystore}/keystore
encryption.keystore.keyMetaData.location=${dir.keystore}/keystore-passwords.properties
encryption.keystore.type=JCEKSNow the keystore errors do not appear when starting alfresco pointing to the clean install data. But the original error still appears when I point to the 4.1 datastore and database.
Related Content
- Keystore Validation Error During Alfresco Deployment on Tomcat in Alfresco Forum
- Alfresco 23.1 Community - keystore error: Keystores are invalid in Alfresco Forum
- ACS 7.4 Community keystore issue in Alfresco Forum
- Error on upgrade Afresco CE 6.2 to 7.3 in Alfresco Forum
- Error Keystores are invalid when upgrade from 4.1.1 to 5.2.4 in Alfresco Forum
Getting started
Explore our Alfresco products with the links below. Use labels to filter content by product module.
