[keycloak-user] jboss-cli SSL access to keycloak Management interface usage, in Elytron 2-way SSL config, failing: "problem accessing trust store: DerInputStream.getLength(): lengthTag=78, too big" ?
PGNet Dev
pgnet.dev at gmail.com
Fri Sep 6 21:09:41 EDT 2019
On 9/6/19 1:16 PM, Pedro Igor Silva wrote:
> Hi,
>
> Seems to be related to the trust store format. I would suggest you to
> take a look here [1]. Especially the "CLI Configuration" section so that
> you configure the CLI properly instead of using systemprops for
> specifying both key and trust stores.
>
> [1]
> https://docs.jboss.org/author/display/WFLY/SSL+with+Client+Cert+Migration
Not quite 'complete', but *much* more informative than the
Simple SSL Migration
https://docs.jboss.org/author/display/WFLY/Simple+SSL+Migration
I'd been staring at.
Followed your reference, did some more digging, switched to PKCS12, and ...
... got it sorted.
I've got access via SSL for admin webUI, mgmt webUI, and cli.
thx!
More information about the keycloak-user
mailing list