[User Error] Container fails to start after update from 3.13.x to 3.14.0.04

Hello,

Just updated my Nexus3 Docker image from sonatype/nexus3:latest on Docker Hub, and now the container fails to start, complaining about HTTP and the keystore.

Note, I’m not configuring HTTPS/SSL in Nexus because I have a nginx proxy handling that part. So I’m not sure why it would complain about not having a keystore.

This is a relatively fresh installation. I’ve only set up Docker registry, proxy and group repos, and have not put any data into them yet. I currently wouldn’t be upset if some destructive testing would be helpful to figuring out the issue.

Thanks!

Log snippets:
2018-10-16 11:30:15,356-0700 ERROR [jetty-main-1] *SYSTEM org.sonatype.nexus.bootstrap.jetty.JettyServer - Failed to start

java.lang.IllegalStateException: no valid keystore
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:50)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1071)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:262)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:229)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:72)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:279)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:235)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:398)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.sonatype.nexus.bootstrap.jetty.JettyServer$JettyMainThread.run(JettyServer.java:274)

AND

2018-10-16 11:30:14,564-0700 WARN [FelixStartLevel] *SYSTEM org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl - Could not configure HTTP connector on port 1982 for docker repository cfo-docker
org.sonatype.nexus.bootstrap.jetty.UnsupportedHttpSchemeException: Unsupported HTTP Scheme: http
at org.sonatype.nexus.internal.jetty.ConnectorRegistrarImpl.validate(ConnectorRegistrarImpl.java:128)
at org.sonatype.nexus.internal.jetty.ConnectorRegistrarImpl.addConnector(ConnectorRegistrarImpl.java:84)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl.doStart(DockerConnectorFacetImpl.java:107)
at org.sonatype.nexus.repository.FacetSupport.start(FacetSupport.java:156)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24.CGLIB$start$22(<generated>)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24$$FastClassByGuice$$2a5608c2.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24.start(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl.start(RepositoryImpl.java:228)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205.CGLIB$start$12(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205$$FastClassByGuice$$470077de.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205.start(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl.startRepositories(RepositoryManagerImpl.java:267)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl.doStart(RepositoryManagerImpl.java:240)
at org.sonatype.nexus.common.stateguard.StateGuardLifecycleSupport.start(StateGuardLifecycleSupport.java:67)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51.CGLIB$start$19(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51$$FastClassByGuice$$6b32edd9.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51.start(<generated>)
at org.sonatype.nexus.extender.NexusLifecycleManager.startComponent(NexusLifecycleManager.java:157)
at org.sonatype.nexus.extender.NexusLifecycleManager.to(NexusLifecycleManager.java:95)
at org.sonatype.nexus.extender.NexusContextListener.frameworkEvent(NexusContextListener.java:195)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1429)
at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.lang.Thread.run(Thread.java:748)
2018-10-16 11:30:14,568-0700 WARN [FelixStartLevel] *SYSTEM org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl - Could not configure HTTP connector on port 1983 for docker repository docker
org.sonatype.nexus.bootstrap.jetty.UnsupportedHttpSchemeException: Unsupported HTTP Scheme: http
at org.sonatype.nexus.internal.jetty.ConnectorRegistrarImpl.validate(ConnectorRegistrarImpl.java:128)
at org.sonatype.nexus.internal.jetty.ConnectorRegistrarImpl.addConnector(ConnectorRegistrarImpl.java:84)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl.doStart(DockerConnectorFacetImpl.java:107)
at org.sonatype.nexus.repository.FacetSupport.start(FacetSupport.java:156)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24.CGLIB$start$22(<generated>)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24$$FastClassByGuice$$2a5608c2.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.docker.internal.DockerConnectorFacetImpl$$EnhancerByGuice$$7614be24.start(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl.start(RepositoryImpl.java:228)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205.CGLIB$start$12(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205$$FastClassByGuice$$470077de.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.manager.internal.RepositoryImpl$$EnhancerByGuice$$dc09c205.start(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl.startRepositories(RepositoryManagerImpl.java:267)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl.doStart(RepositoryManagerImpl.java:240)
at org.sonatype.nexus.common.stateguard.StateGuardLifecycleSupport.start(StateGuardLifecycleSupport.java:67)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51.CGLIB$start$19(<generated>)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51$$FastClassByGuice$$6b32edd9.invoke(<generated>)
at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
at org.sonatype.nexus.common.stateguard.StateGuard$TransitionImpl.run(StateGuard.java:193)
at org.sonatype.nexus.common.stateguard.TransitionsInterceptor.invoke(TransitionsInterceptor.java:56)
at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
at org.sonatype.nexus.repository.manager.internal.RepositoryManagerImpl$$EnhancerByGuice$$2d374f51.start(<generated>)
at org.sonatype.nexus.extender.NexusLifecycleManager.startComponent(NexusLifecycleManager.java:157)
at org.sonatype.nexus.extender.NexusLifecycleManager.to(NexusLifecycleManager.java:95)
at org.sonatype.nexus.extender.NexusContextListener.frameworkEvent(NexusContextListener.java:195)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1429)
at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.lang.Thread.run(Thread.java:748)

Did you have ${jetty.etc}/jetty-https.xml defined in your nexus-args in your nexus.properties? As far as I know this is the only call to keystore and does not occur out of the box.

You say you setup docker repos, is your instance not running or is it running and you’re getting those log messages anyway?
-Joe

Hi jtom,

Since it’s a Docker container, I don’t have the option to affect ${jetty.etc}/jetty-https.xml without customization, which I haven’t done. I read the docs on that and decided I’d be better off running the nginx proxy to handle HTTPS, instead of messing with the Nexus/Jetty configs.

The container was running before the image update. But now it won’t start up at all from the new image, logging the info I pasted above.

Thanks!

Well, PEBCAK. Apparently I DID in fact mess with nexus.properties. I had added ${jetty.etc}/jetty-https.xml and removed ${jetty.etc}/jetty-http.xml, but never did anything with those XML files. I thought I was changing configs in a temp container, not the persistent files under my real container.

Back in business.

Thanks!