[OPENAM-12598] Replacing the keystore.jceks file from a previous deployment without the storepass file will result in a version parsing error - which could be more descriptive Created: 14/Mar/18  Updated: 28/Apr/20

Status: Open
Project: OpenAM
Component/s: CTS
Affects Version/s: 13.5.1, 14.1.1, 5.5.1, 6.0.0
Fix Version/s: None

Type: Bug Priority: Minor
Reporter: Adam Heath Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: Backlog
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to OPENAM-11547 Missing entry or corrupted value in "... Resolved
is related to OPENAM-14771 Multi Server deployment documentation... Resolved
Support Ticket IDs:

 Description   

Bug description

As a result of changes made in OPENAM-11547 - the upgrade of AM may fail due to being unable to parse the versions to determine whether an upgrade is needed. At the moment, the general error output will simply state "Unable to parse product versions for comparison" if unable to parse these versions.

One cause of the version not being read has been found to be due to the keystore not being able to be read - e.g. due to a missing storepass file. in this case this information should be reported in the error message to give a clearer indication to the user of what the cause of the problem is.

How to reproduce the issue

Taken from comment within OPENAM-11547 - I reproduced it by only replacing my keystore.jceks file from a previous deployment (to preserve the amster transport key), but forgot to also move across the storepass file. In the end, the container logs were quite clear in my case as to what the issue was:

2018-03-12 07:53:39,826 INFO  [stdout] (ServerService Thread Pool -- 85) java.io.IOException: Can't open boot keystore
2018-03-12 07:53:39,826 INFO  [stdout] (ServerService Thread Pool -- 85)        at com.sun.identity.setup.BootstrapData.readBootJson(BootstrapData.java:165)
2018-03-12 07:53:39,826 INFO  [stdout] (ServerService Thread Pool -- 85)        at com.sun.identity.setup.BootstrapData.<init>(BootstrapData.java:132)
2018-03-12 07:53:39,826 INFO  [stdout] (ServerService Thread Pool -- 85)        at com.sun.identity.setup.AMSetupServlet.checkConfig
Expected behaviour
The output error message should indicate that it was unable to open the keystore to obtain the current version - most likely due to a missing storepass file
Current behaviour
The output error message simply indicates that "Unable to parse product versions for comparison"

Work around

View the container logs to confirm the issue and replace the missing storepass file.

 



 Comments   
Comment by Phill Cunnington [ 04/Apr/18 ]

Moving issues to the "backlog" that do not have a customer ticket attached.

Comment by Tasos Kampas [ 28/Apr/20 ]

This has actually been hit by lots of customers but since we simply provide the [KB|https://backstage.forgerock.com/knowledge/kb/article/a95463502] as a response to them, they are not listed here. Also, there are other causes in the KB apart from the one described in this JIRA. This is a similar case to https://bugster.forgerock.org/jira/browse/OPENAM-15510 where a very generic error was returned but with no indication of what could be causing it. Most of the time it's hard to recover from this error so we need to return additional logging for all scenarios.

Generated at Mon Sep 21 16:32:39 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.