Invalid keystore format error trying to give a keystore to Tomcat
up vote
0
down vote
favorite
I'm unable to make my project load a jks keystore. It's a Spring Boot 2.1.0-RELEASE. I've set the options below to configure the Tomcat server with SSL
I am not writing the code, it's loaded from a dependency, and I have to change the name of the file to post.
server.port=8080
server.ssl.enabled=true
server.ssl.trust-store=classpath:101816-my-keyfile.jks
server.ssl.trust-store-password=changeit
server.ssl.key-store=classpath:101816-my-keyfile.jks
server.ssl.key-password=changeit
server.ssl.key-alias=my-key-alias
I've tried changing the file to demonstrate that it actually IS finding the classpath resource.
I've tried converting it to PKCS#12 with the keytool command:
keytool -importkeystore
-srckeystore ./101816-my-keyfile.jks
-destkeystore ./101816-my-keyfile.jks
-deststoretype pkcs12
I've tried converting (Back) it to JKS and JCEKS using the same command with different dest type.
I've running on java versions Oracle "1.8.0_191" and an Openjdk 8.
I've tried using the keytool from JDK 11 and JDK 8.
But I cannot consistantly get any result other than:
Caused by: java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[?:1.8.0_191]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[?:1.8.0_191]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_191]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:160) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
java spring tomcat jks
asked Nov 9 at 15:29
spl
1017
add a comment |
up vote
0
down vote
favorite
I'm unable to make my project load a jks keystore. It's a Spring Boot 2.1.0-RELEASE. I've set the options below to configure the Tomcat server with SSL
I am not writing the code, it's loaded from a dependency, and I have to change the name of the file to post.
server.port=8080
server.ssl.enabled=true
server.ssl.trust-store=classpath:101816-my-keyfile.jks
server.ssl.trust-store-password=changeit
server.ssl.key-store=classpath:101816-my-keyfile.jks
server.ssl.key-password=changeit
server.ssl.key-alias=my-key-alias
I've tried changing the file to demonstrate that it actually IS finding the classpath resource.
I've tried converting it to PKCS#12 with the keytool command:
keytool -importkeystore
-srckeystore ./101816-my-keyfile.jks
-destkeystore ./101816-my-keyfile.jks
-deststoretype pkcs12
I've tried converting (Back) it to JKS and JCEKS using the same command with different dest type.
I've running on java versions Oracle "1.8.0_191" and an Openjdk 8.
I've tried using the keytool from JDK 11 and JDK 8.
But I cannot consistantly get any result other than:
Caused by: java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[?:1.8.0_191]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[?:1.8.0_191]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_191]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:160) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
java spring tomcat jks
asked Nov 9 at 15:29
spl
1017
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I'm unable to make my project load a jks keystore. It's a Spring Boot 2.1.0-RELEASE. I've set the options below to configure the Tomcat server with SSL
I am not writing the code, it's loaded from a dependency, and I have to change the name of the file to post.
server.port=8080
server.ssl.enabled=true
server.ssl.trust-store=classpath:101816-my-keyfile.jks
server.ssl.trust-store-password=changeit
server.ssl.key-store=classpath:101816-my-keyfile.jks
server.ssl.key-password=changeit
server.ssl.key-alias=my-key-alias
I've tried changing the file to demonstrate that it actually IS finding the classpath resource.
I've tried converting it to PKCS#12 with the keytool command:
keytool -importkeystore
-srckeystore ./101816-my-keyfile.jks
-destkeystore ./101816-my-keyfile.jks
-deststoretype pkcs12
I've tried converting (Back) it to JKS and JCEKS using the same command with different dest type.
I've running on java versions Oracle "1.8.0_191" and an Openjdk 8.
I've tried using the keytool from JDK 11 and JDK 8.
But I cannot consistantly get any result other than:
Caused by: java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[?:1.8.0_191]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[?:1.8.0_191]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_191]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:160) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
java spring tomcat jks
asked Nov 9 at 15:29
spl
1017
I'm unable to make my project load a jks keystore. It's a Spring Boot 2.1.0-RELEASE. I've set the options below to configure the Tomcat server with SSL
I am not writing the code, it's loaded from a dependency, and I have to change the name of the file to post.
server.port=8080
server.ssl.enabled=true
server.ssl.trust-store=classpath:101816-my-keyfile.jks
server.ssl.trust-store-password=changeit
server.ssl.key-store=classpath:101816-my-keyfile.jks
server.ssl.key-password=changeit
server.ssl.key-alias=my-key-alias
I've tried changing the file to demonstrate that it actually IS finding the classpath resource.
I've tried converting it to PKCS#12 with the keytool command:
keytool -importkeystore
-srckeystore ./101816-my-keyfile.jks
-destkeystore ./101816-my-keyfile.jks
-deststoretype pkcs12
I've tried converting (Back) it to JKS and JCEKS using the same command with different dest type.
I've running on java versions Oracle "1.8.0_191" and an Openjdk 8.
I've tried using the keytool from JDK 11 and JDK 8.
But I cannot consistantly get any result other than:
Caused by: java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[?:1.8.0_191]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[?:1.8.0_191]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[?:1.8.0_191]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_191]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:160) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar!/:9.0.12]
java spring tomcat jks
java spring tomcat jks
asked Nov 9 at 15:29
spl
1017
asked Nov 9 at 15:29
spl
1017
asked Nov 9 at 15:29
spl
1017
asked Nov 9 at 15:29
spl
1017
asked Nov 9 at 15:29
spl
1017
1017
add a comment |
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53228665%2finvalid-keystore-format-error-trying-to-give-a-keystore-to-tomcat%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
