The create-domain command fails with custom master password in AIX (6628170)

Description

On the AIX operating system, an attempt to create a domain with a custom master password fails with the following error:

keytool error (likely untranslated): java.lang.NullPointerException
 Enter keystore password:  New keystore password:

Solution: (AIX) To Create a Domain With a Custom Master Password

In the procedure that follows, only the options that are required in each step are provided. If you require additional options for a command, specify these options in the command. For information about Enterprise Server commands, see Sun GlassFish Enterprise Server v2.1.1 Reference Manual.

1. Create a shell script that contains the following lines of code:

   #!/bin/sh
   changeKeystorePass() {
     keytool -storepasswd -keystore ${KEYSTORE} -storepass ${OLD} -new ${NEW}
   }
   changeTruststorePass() {
     keytool -storepasswd -keystore ${TRUSTSTORE} -storepass ${OLD} -new ${NEW}
   }
   changeKeyPass() {
     keytool -keypasswd -alias s1as -keystore ${KEYSTORE} -storepass ${NEW} -keypass ${OLD} -new ${NEW}
   }
   changeDomainPasswordEntry() {
     keytool -storepasswd -storetype JCEKS -keystore ${DOMAINPASSWORDS} -storepass ${OLD} -new ${NEW}
   }
   deleteMasterPasswordFile() {
     if [ -f ${DOMAIN_PATH}/master-password ] ; then
       echo Deleting ${DOMAIN_PATH}/master-password
       rm -f ${DOMAIN_PATH}/master-password
     fi
   }
   DOMAIN_PATH=$1
   OLD=$2
   NEW=$3
   if [ $# != 3 ] ; then
     echo Usage: $0 domain-path old-master-pass new-master-pass
     exit 1
   fi
   echo Processing ...
   if [ ! -f ${DOMAIN_PATH}/config/domain.xml ] ; then
     echo "Domain with folder ${DOMAIN_PATH} does not exist, create it first"
     exit 2
   else
     KEYSTORE=${DOMAIN_PATH}/config/keystore.jks
     TRUSTSTORE=${DOMAIN_PATH}/config/cacerts.jks
     DOMAINPASSWORDS=${DOMAIN_PATH}/config/domain-passwords
     changeKeystorePass
     changeTruststorePass
     changeKeyPass
     changeDomainPasswordEntry
     deleteMasterPasswordFile
   fi

2. Create a domain, specifying the default master password.

   aadmin create-domain {--adminport aminportno|--portbase portbase} domain-name Please enter the admin user name>admin-user Please enter the admin password>admin-user-password Please enter the admin password again>admin-user-password Please enter the master password [Enter to accept the default]:> Please enter the master password again [Enter to accept the default]:>

   The default master password is changeit.

3. Change the master password of the domain that you have just created.

   To change the master password, run the script that you created in Step 1.

   script-name domain-path old-password new-password

4. Start the domain that you created in Step 2.

   asadmin start-domain domain-name

   Because the domain has a custom master password, you are prompted for the master password.

5. In response to the prompt, type the new master password.

6. For domains that are configured to support clusters, create and start a node agent.

   1. Create a node agent for the domain that you created in Step 2.

      asadmin create-node-agent --port portno --user admin-user

   2. Start the node agent that you created in Step a.

      asadmin start-node-agent

      Because the domain has a custom master password, you are prompted for the master password.

   3. In response to the prompt, type the new master password.

See Also

The following Enterprise Server man pages:

• create-domain(1)

• create-node-agent(1)

• start-domain(1)

• start-node-agent(1)