<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from text --><style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<div>
<div dir="auto" style="direction:ltr; margin:0; padding:0; font-family:sans-serif; font-size:11pt; color:black">
Sounds like a missing/incorrect keystore.jceks issue. I believe the administrator password, among other things, is stored encrypted in the database, and the key by which it is encrypted is stored in the keystore.jceks file in /opt/midpoint/var/. Ive found
that when the administrator password doesn't match (assuming you're typing it correctly), it's usually because you're not using the key/keystore it was created with.<br>
<br>
</div>
<div dir="auto" style="direction:ltr; margin:0; padding:0; font-family:sans-serif; font-size:11pt; color:black">
There are instructions in the default config.xml file for how to create the keystore if you want to customize things.<br>
<br>
</div>
<div dir="auto" style="direction:ltr; margin:0; padding:0; font-family:sans-serif; font-size:11pt; color:black">
<div dir="auto" style="direction:ltr; margin:0; padding:0; font-family:sans-serif; font-size:11pt; color:black">
Get <a href="https://aka.ms/ghei36">Outlook for Android</a></div>
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> midPoint <midpoint-bounces@lists.evolveum.com> on behalf of Solberg, Eric <eric@solberg.com><br>
<b>Sent:</b> Tuesday, October 16, 2018 1:11:16 PM<br>
<b>To:</b> midPoint General Discussion<br>
<b>Subject:</b> [midPoint] config.xml during installation</font>
<div> </div>
</div>
</div>
<font size="2"><span style="font-size:11pt;">
<div class="PlainText">I'm installing MySQL drivers for my Midpoint setup, and have updated config.xml. I've got connectivity to the database, but am encountering a problem logging in as administrator. I'm just starting to evaluate this, but I'm not 100% confident
I followed the right process for setting up config.xml.<br>
<br>
Here's what I did:<br>
- Installed the midpoint demo with embedded database. Made a copy of the generated config.xml.<br>
- Deleted this demo instance<br>
- Setup a MySQL instance, created midpoint user & database, imported mysql-3.8-all.sql<br>
- Modified the config.xml to include <repository> settings for mysql<br>
- Modified the Dockerfile to copy config.xml to ${MP_DIR}/var/<br>
- Also modified the Dockerfile to install the SQL driver<br>
- Built the Docker image and deployed to my VM<br>
<br>
This is working and I have connectivity to the database. This setup is pretty slow, but I'm not tuning yet... The problem I'm having is I can't log in as administrator (5ecr3t password).<br>
<br>
Here's what I got in midpoint.log:<br>
018-10-16 16:44:02,824 [] [http-nio-8080-exec-4] ERROR (com.evolveum.midpoint.model.impl.sec<br>
urity.AuthenticationEvaluatorImpl): Error dealing with credentials of user "administrator" cr<br>
edentials: No key mapped to key digest FbJhcZYWk/Q3KnAucPQgRSxD/QM= could be found in the key<br>
store. Keys digests must be recomputed during initialization<br>
<br>
I'm guessing it's one of 3 things:<br>
- Was I supposed to copy config.xml from the demo? Or should I create a new config.xml with only the repository settings and let midpoint recreate everything else?<br>
- Or should I also copy the other files from the demo /opt/midpoint/var directory?<br>
- Or is there some other step to recompute key digests?<br>
<br>
Any suggestions?<br>
<br>
Thanks,<br>
Eric<br>
<br>
<br>
_______________________________________________<br>
midPoint mailing list<br>
midPoint@lists.evolveum.com<br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</div>
</span></font>
</body>
</html>