[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[jetty-users] another SSL configuration issue / Cannot recover key
|
Hi,
I've been following the documentation at
http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html
Running jetty-distribution-9.4.3.v20170317
Java 8
I have an official rapidssl certificate to load into jetty.
Historically I performed the CSR myself with openssl
My private key was genered and tempered with a pass phrase with openssl
Got a certificate back from the CA as a .crt file (pem).
Following the Jetty documentation, I have bundled the cert pem file and
intermediate chain file to a single file using:
cat mycert.crt intermediate.cer > mycert-bundled.crt
intermediate.cer is provided to me by the CA.
openssl pkcs12 -inkey myprivate.key -in mycert-bundled.crt -export -out
mycert.pkcs12
Typed my private key password
Typed my export password
Now in my JETTY-BASE, I did :
start.jar --add-to-start=https,ssl
# remove the default keystore
rm etc/keystore
keytool -importkeystore -srckeystore mycert.pkcs12 -srcstoretype PKCS12
-destkeystore etc/keystore
Typed my destination keystore password
I can list the imported entry with :
keytool -list -keystore etc/keystore -storetype jks -v
(keystore password typed)
Your keystore contains 1 entry
Alias name: 1
Creation date: Apr 6, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
(...)
Typing my keystore password
altered 1 line in start.ini , uncomment and update:
jetty.sslContext.keyStorePassword=<my keystore password>
NOTICE: my keystore password is the same as the key pass phrase
mentioned above
NOTICE2 : I tried both clear and OBF password
After starting Jetty I have the following error:
java.security.UnrecoverableKeyException: Cannot recover key
Is there a password madness I would not be aware of ?
Thanks,