ci.docker Containerized Liberty application has startup error if server.xml has default Keystore

Failing Scenario: Many Liberty applications running on-prem have the defaultKeyStore line to create keystore to enable HTTPS. If such application tis containerized with server.xml containing <keyStore id="defaultKeyStore" password="secret" />, application will start but you cannot access the application on SSL. When you look at the Liberty log, error is CWPKI0033E: The keystore located at /opt/ol/wlp/output/defaultServer/resources/security/key.p12 did not load because of the following error: keystore password was incorrect"

This behavior is confusing for many users and we want to find a way to resolve this error condition.

Jul 18 '23 21:07 mtamboli

@leochr Please let me know if you would like more information.

Jul 18 '23 21:07 mtamboli

@mtamboli I tried to reproduce this but didn't manage it. Can you give me any more details on the failing scenario? Maybe examples of the dockerfile and server.xml? Thanks.

Jul 25 '23 16:07 idlewis

I've now managed to reproduce this. The failure occurs if the liberty container is running under the open liberty operator.

Jul 27 '23 15:07 idlewis

@idlewis yes, that is how we are deploying our containers.

Jul 27 '23 15:07 mtamboli

@idlewis When will this problem be fixed?

Aug 16 '23 17:08 mtamboli

@mtamboli Sorry for the slow reponse, I have been out for a few days. This isn't an easy fix, I'm sorry but I don't have an ETA for you right now

Aug 21 '23 13:08 idlewis

@idlewis @leochr do we have a timeline for this fix?

Oct 11 '23 19:10 mtamboli

@mtamboli We are shifting focus back to this after dealing with other deliverables. We don't have a timeline yet, but it is a priority item.

Oct 11 '23 21:10 leochr