[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] Keystore Problems
|
Hi,
On Tue, May 26, 2020 at 8:07 PM David C Fuhs <dfuhs@xxxxxxxxxxxx> wrote:
>
> To generate the private key:
> openssl genrsa 4096 > new_host.key
>
> To combine the SSL certificate plus CA certificates into one file:
> cat ssl_cert interm_certs > combined_certs
> Results in a file with the SSL certificate first, followed by the intermediate certificates, with the root CA certificate last in the file.
>
> Stack traces follow, the first is using the JKS version of the keystore, the second with the PKCS12 version of the keystore.
Can you open the keyStores using:
https://keystore-explorer.org/
If you cannot, then the keyStores are wrong.
There is no need to use the JKS format anymore, keep the keyStores in PKCS12.
Make sure that you are using a keyStore password only (not a
keyManager password), unless you really want to.
If you have a keyManager password, then you have to configure Jetty with it.
--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
