Keystore is not created with java 22 (password needed) #462

Open
psychonaut opened this issue Oct 23, 2024 · 0 comments

Describe the Bug

Running the latest elasticsearch module with elasticsearch 8.15.1 on Rocky 9 throws an error:

Error: Execution of 'keytool -importkeystore -srcstoretype PKCS12 -destkeystore /etc/elasticsearch/elasticsearch.ks -srckeystore /tmp/elasticsearch_node.20241023-51377-1njhkrb -alias elasticsearch_node' returned 1: Importing keystore /tmp/elasticsearch_node.20241023-51377-1njhkrb to /etc/elasticsearch/elasticsearch.ks...
Enter destination keystore password:  Enter source keystore password:  
*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in the srckeystore*
* has NOT been verified!  In order to verify its integrity, *
* you must provide the srckeystore password.                *
*****************  WARNING WARNING WARNING  *****************

Enter key password for <elasticsearch_node>Enter key password for <elasticsearch_node>Enter key password for <elasticsearch_node>keytool error: java.lang.Exception: Too many failures - try later
Error: /Stage[main]/Elasticsearch::Config/Java_ks[elasticsearch_node]/ensure: change from 'absent' to 'present' failed: Execution of 'keytool -importkeystore -srcstoretype PKCS12 -destkeystore /etc/elasticsearch/elasticsearch.ks -srckeystore /tmp/elasticsearch_node.20241023-51377-1njhkrb -alias elasticsearch_node' returned 1: Importing keystore /tmp/elasticsearch_node.20241023-51377-1njhkrb to /etc/elasticsearch/elasticsearch.ks...
Enter destination keystore password:  Enter source keystore password:  
*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in the srckeystore*
* has NOT been verified!  In order to verify its integrity, *
* you must provide the srckeystore password.                *
*****************  WARNING WARNING WARNING  *****************

Enter key password for <elasticsearch_node>Enter key password for <elasticsearch_node>Enter key password for <elasticsearch_node>keytool error: java.lang.Exception: Too many failures - try later (corrective)

From the elasticsearch module:

      # Trust CA Certificate
      java_ks { 'elasticsearch_ca':
        ensure       => present,
        certificate  => $elasticsearch::ca_certificate,
        target       => $_keystore_path,
        password     => $elasticsearch::keystore_password,
        trustcacerts => true,
      }

      # Load node certificate and private key
      java_ks { 'elasticsearch_node':
        ensure           => present,
        certificate      => $elasticsearch::certificate,
        private_key      => $elasticsearch::private_key,
        private_key_type => $elasticsearch::private_key_type,
        target           => $_keystore_path,
        password         => $elasticsearch::keystore_password,
      }

The password is not empty in both cases.

Java version used in elasticsearch:

/usr/share/elasticsearch/jdk/bin/java -version
openjdk version "22.0.1" 2024-04-16
OpenJDK Runtime Environment (build 22.0.1+8-16)
OpenJDK 64-Bit Server VM (build 22.0.1+8-16, mixed mode, sharing)

This is probably a combination of Java and operating system versions; the same module used on elasticsearch 7.17 works properly.

Expected Behavior

A proper keystore should be created.

Steps to Reproduce

I have included code from elasticsearch module.

Environment

  • Java version 22.0.1
  • Platform: Rocky 9.5
  • Puppet version: 7.33.0

Additional Context

When I run commands from above manually (outside puppet run), the keystore is created but I have to provide the password manually on every step.
