Hi,
I’ve been running NxRM 3.37 forever and wanted to update to v3.39 tonight, but run into multiple issues.
First, some description on my setup.
NxRM runs in my own custom (Alpine-based) docker image and is serviced with supervisord.
It listens on https:1808 and on https:9820 for the docker registry . The binaries are housed under /opt/nexus3/nexus-$VERSION, the data is under /opt/nexus3/sonatype-work/nexus3/ in a docker volume to ensure data persistency.
I’ve modified /opt/nexus3/etc/jetty/jetty-https.xml to replace the value “password” with my actual password, and kept /opt/nexus3/sonatype/nexus3/etc/nexus.properties as is, with the correct port number for https.
All of this worked just fine under 3.37.
Under 3.39, to be safe, I’ve replaced /opt/nexus3/etc/jetty/jetty-https.xml with the new one, putting the proper password values where needed. Everything else has been left untouched.
NOW…
When I tried to start it up, it complains of
2022-06-21 21:38:06,223-0400 ERROR [jetty-main-1] *SYSTEM org.sonatype.nexus.bootstrap.jetty.JettyServer - Failed to start
java.io.IOException: Keystore was tampered with, or password was incorrect
If I run the keytool utility to check the password, it runs OK:
[22:04:14|nexus@nexus:~/sonatype-work/nexus3/etc] keytool -list -keystore ssl/keystore.jks |head -5
Enter keystore password: ******
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
<snip>
I’m at loss to figure this one out.
Before you go and say anything about docker, please do remember that this container has been running 3.37 for some time, and some other versions for at least a year. It’s not a docker issue; it’s a keystore issue.
–Jeff