[jboss-user] [Installation, Configuration & Deployment] - SSL-Connector - problem with keystore format
SideWinder
do-not-reply at jboss.com
Thu Nov 23 16:06:02 EST 2006
I want to test an application which needs a https-connection and a certificate with the extended parameter "keyUsage digitalSignature" set.
First I set up an SSL-connector:
| <Connector port="8443" address="${jboss.bind.address}"
| maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
| emptySessionPath="true"
| scheme="https" secure="true" enableLookups="uri"
| useURIValidationHack="false" disableUploadTimeout="true"
| clientAuth="false" sslProtocol="TLS"
| keystoreFile="${jboss.server.home.dir}/conf/https.keystore"
| keystorePass="*****"
| />
|
Then created the certificate with OpenSSL:
| // generating the key
| openssl genrsa -des3 -out C:\CertTest\https.key
|
| // generating the certificate request
| openssl req -new -config C:\CertTest\elogon.cfg -key C:\CertTest\https.key -out C:\CertTest\https.csr
|
| // sign the certificate (by myself)
| openssl x509 -req -days 365 -in C:\CertTest\https.csr -signkey C:\CertTest\https.key -out C:\CertTest\https.crt
|
| // putting the certificate into the keystore
| openssl pkcs12 -export -name eLogon -in C:\CertTest\https.crt -inkey C:\CertTest\https.key -out C:\CertTest\https.keystore
|
I copied the https.keystore file into the conf-directory of JBoss. But when I start JBoss I get an error:
| 21:56:36,437 14187 ERROR [Http11BaseProtocol] (main:) Error initializing endpoint
| java.io.IOException: Invalid keystore format
|
I've read this wiki-article: http://wiki.jboss.org/wiki/Wiki.jsp?page=SSLSetup and checked my keystore with:
| keytool -list -keystore C:\CertTest\https.keystore -storetype PKCS12
|
it seems correct. Keystore type: PKCS12, Keystore provider: SunJSSE and 1 entry:
| elogon, 23.11.2006, keyEntry,
| Zertifikatsfingerabdruck (MD5): ****
|
So why can't JBoss read my keystore-file?
best regards,
dominik
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3988273#3988273
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3988273
More information about the jboss-user
mailing list