|Re: [jetty-users] Getting SSL working|
On 20/01/2017 19:32, Simone Bordet wrote:
The server then fails to start (java.security.UnrecoverableKeyException: Cannot recover key).Are passwords correct ?
That turned out to be the problem -- the password used to create the PKCS12 file needed to be specified in setKeyPassword, and the password used for the JKS keystore needed to be specified in setPassword; my jetty.xml (Jetty 8.1.4) config needed to look like this:
<Set name="Keystore"><Property name="jetty.home" default="." />/keystore.test</Set>
<Set name="Password">keystore-password</Set> <Set name="KeyPassword">pkcs12-password</Set>The use of the PKCS12 password isn't terribly clear in the docs IMHO; it mentions jetty.sslContext.keyStorePassword (presumably what I specified as keystore-password above) but doesn't say what to do with pkcs12-password. And of course this didn't matter when I was using a self-signed certificate, but is crucial for a proper certificate...
Thanks! -- John English
Back to the top