Keywhiz 0.10.2 having error "java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider" ... #599
Comments
@FlavioImbertDomingos Looks like you're missing the BouncyCastle jar? Has anything changed in your Keywhiz set-up since 0.8? It might be helpful if you could show your YAML config. @alokmenghrajani I'm not super familiar with BC use in Keywhiz, do you know if we have always excluded BC from the shaded jar? |
BouncyCastle (BC) is excluded from the shaded jar because people with HSMs (or cloud keys or whatever specific setup you might have) will want to provide their own provider (the exclusion happens here: https://github.com/square/keywhiz/blob/master/pom.xml#L481). In addition, with older versions of Java, we had to sign providers and including signed jars in a shaded jar would break the signature. With newer versions of Java, we can include BC and figure out a way to provide an override when needed. I'll have to investigate why NoClassDefFoundError is being triggered here. @FlavioImbertDomingos are you running the code on the same machine you built it? |
Hi Guys!
No, I initially tried to build in the same machine I am running Keywhiz 0.8 in STG running the same machine/version/code in prod. But I had so many issues trying to install Java 11 there and Maven that I decided to build a new fresh machine. So I built a new CentOS machine with JDK Java 11 installed without issues and Maven as well. So, I built the Keywhiz binary there, different machine, with vanilla Java 11 installed. I am I understanding, I may be missing (have to download) some Java libraries (those restrict ones)? |
I know you are busy man :) Anyways, is there anything I can do to help solve this issue? Thank you so much! |
I guess I understand now. I will remove the line that exclude BouncyCastle and compile it version again. Thank you for the information. |
@FlavioImbertDomingos you can also just download a jar from https://www.bouncycastle.org/latest_releases.html and make sure you add it to the list of jars that you use to launch keywhiz with |
@mbyczkowski |
Sorry for the delay. @mbyczkowski's answer should work 🤞 We could add instructions to our docs re building + then running the server on another machine. |
no problem man! You guys ROCK! Anyways, I don't think I will have time to focus on it this week. Maybe next week I will focus on Keywhiz upgrade project ;) Have an amazing week. Flavio. |
I was able to compile with the missing BouncyCastle. I guess my issue now is just update my HSM client to be compatible with Java 11... I will ask the team that manage the HSM to help with that. Hopefully it fix the issue bellow ;) $ java -javaagent:/opt/jolokia-jvm-1.3.6-agent.jar -jar ./keywhiz-server-0.10.2-SNAPSHOT-shaded.jar server ./keywhiz-stg.yml
1 error $ java --version |
I was able to compile the latest version of Keywhiz 0.10.2 successfully.
But when I try to run it, I got an error: "java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider"
Do you know why that happen and how to fix it?
$ java -javaagent:/opt/jolokia-jvm-1.3.6-agent.jar -jar /opt/keywhiz-server-0.10.2-SNAPSHOT-shaded.jar server /opt/keywhiz-master/server/target/classes/keywhiz-stg.yml
I> No access restrictor found, access to any MBean is allowed
Jolokia: Agent started with URL http://127.0.0.1:8778/jolokia/
java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider
at keywhiz.ServiceModule.configure(ServiceModule.java:63)
at com.google.inject.AbstractModule.configure(AbstractModule.java:61)
at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:344)
at com.google.inject.spi.Elements.getElements(Elements.java:103)
at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:137)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
at com.google.inject.Guice.createInjector(Guice.java:87)
at com.google.inject.Guice.createInjector(Guice.java:69)
at com.google.inject.Guice.createInjector(Guice.java:59)
at keywhiz.KeywhizService.run(KeywhizService.java:114)
at keywhiz.KeywhizService.run(KeywhizService.java:71)
at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:43)
at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
at io.dropwizard.cli.Cli.run(Cli.java:78)
at io.dropwizard.Application.run(Application.java:93)
at keywhiz.KeywhizService.main(KeywhizService.java:78)
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:583)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
... 16 more
[keywhiz@keywhiz-233048331-1-258246470 ~]$
$ java --version
openjdk 11.0.3 2019-04-16 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.3+7-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.3+7-LTS, mixed mode, sharing)
[keywhiz@keywhiz-233048331-1-258246470 ~]$
Any idea?
Thank you in advance,
Flavio.
The text was updated successfully, but these errors were encountered: