I’m having trouble deploying Alfresco Content Services Community Edition (version 23.2.1) on Tomcat 10.1.28 in windows. After setting up the keystore and configuring alfresco-global.properties, I receive the following error:
SEVERE: Exception sending context initialized event to listener instance of class [org.alfresco.web.app.servlet.CORSContextListener] org.alfresco.error.AlfrescoRuntimeException: 08030002 Keystores are invalid ... Caused by: org.alfresco.error.AlfrescoRuntimeException: 08030000 Unable to get secret key: no key information is provided
Configuration Details:
-
alfresco-global.properties:
Set this property unless you have explicitly chosen to expose some repository APIs without authentication
#solr.secureComms=https
# Custom content and index data location
dir.root=D:/tomcat/apache-tomcat-10.1.28/alfresco/keystore
dir.keystore=D:/tomcat/apache-tomcat-10.1.28/alfresco/keystore
dir.contentstore=D:/tomcat/apache-tomcat-10.1.28/alfresco/contentstore
dir.contentstore.deleted=D:/tomcat/apache-tomcat-10.1.28/alfresco/contentstore.deleted
# Sample database connection properties
db.driver=com.mysql.cj.jdbc.Driver
db.url=jdbc:mysql://localhost:3306/alfresco?useSSL=false&serverTimezone=UTC
db.username=alfresco_user
db.password=***
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
alfresco.context=/alfresco
alfresco.host=localhost
alfresco.port=8080
alfresco.protocol=http
share.context=/share
share.host=localhost
share.port=8080
share.protocol=http
transform.service.enabled=false
local.transform.service.enabled=false
legacy.transform.service.enabled=false
encryption.keystore.path=D:/tomcat/apache-tomcat-10.1.28/alfresco/keystore/keystore.p12
encryption.keystore.type=pkcs12
encryption.key.alias=metadata
encryption.keystore.password=alfresco
encryption.cipherAlgorithm=AES/CBC/PKCS5Padding
encryption.keyAlgorithm=AES
encryption.mac.algorithm=HmacSHA1
-
Keystore Creation Command:
keytool -genkeypair -alias metadata -keyalg RSA -keysize 2048 -keystore D:/tomcat/apache-tomcat-10.1.28/alfresco/keystore/keystore.p12 -storetype pkcs12 -storepass alfresco -keypass alfresco
Troubleshooting Steps Taken:
1.Verified keystore path and permissions.
Recreated the keystore (truststore too) with different parameters.
3.Checked Tomcat logs and configurations.
Question: What could be causing this issue, and how can I resolve it?
A warning upfront: never ever regenerate the metadata encryption key if you do not know what you’re doing. You may and up in a broken repository.
It looks like you mismatched some parameters for the metadata encryption.
e.g. in alfresco-global.properties you define the locations and types (metadata ecryption keystore.type is expected to be JCEKS):
encryption.keystore.location=${dir.keystore}/keystore
encryption.keystore.provider=
encryption.keystore.type=JCEKS
encryption.keystore.keyMetaData.location=${dir.keystore}/keystore-passwords.properties
In the configured keyMetaData.location file you store the properties for
- aliases
- keystore.password
- metadata.keyData
- metadata.algorithm
- metadata.password
s. Manage Alfresco keystores