Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Getting SSL working

On 20/01/2017 19:32, Simone Bordet wrote:
The server then fails to start (
Cannot recover key).

Are passwords correct ?

That turned out to be the problem -- the password used to create the PKCS12 file needed to be specified in setKeyPassword, and the password used for the JKS keystore needed to be specified in setPassword; my jetty.xml (Jetty 8.1.4) config needed to look like this:

<Set name="Keystore"><Property name="jetty.home" default="." />/keystore.test</Set>
<Set name="Password">keystore-password</Set>
<Set name="KeyPassword">pkcs12-password</Set>

The use of the PKCS12 password isn't terribly clear in the docs IMHO; it mentions jetty.sslContext.keyStorePassword (presumably what I specified as keystore-password above) but doesn't say what to do with pkcs12-password. And of course this didn't matter when I was using a self-signed certificate, but is crucial for a proper certificate...

John English

Back to the top