Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-3686

"Invalid keystore format" IOException when using PKCS12 keystore in Wildfly 8.1.0.Final

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Major Major
    • 8.2.0.Final
    • 8.1.0.Final
    • Security
    • None
    • Documentation (Ref Guide, User Guide, etc.)
    • Workaround Exists
    • Hide

      JKS works fine.

      Show
      JKS works fine.
    • Low

      Up to now I am using a JKS file to activate SSL.

      This works

      <server-identities>
    <ssl protocol="TLS">
        <keystore path="mykeystore.jks" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
    </ssl>
</server-identities>

      This does not work:

      <server-identities>
    <ssl protocol="TLS">
        <keystore path="keystore.p12" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
    </ssl>
</server-identities>

      Exception is

      Caused by: java.io.IOException: Invalid keystore format
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) [rt.jar:1.7.0_55]
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_55]
	at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_55]
	at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:113)
	... 6 more

      WFLY-2229 says PKCS12 is supported. I found no way to specify a keystore format in documentation (https://docs.jboss.org/author/display/WFLY8/Detailed+Configuration) . Is it correct?

              darran.lofthouse@redhat.com Darran Lofthouse
              larmic_jira Lars Michaelis (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: