Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: 8.2.0.Final
Affects Version/s: 8.1.0.Final
Component/s: Security
Labels:
None

Affects:

Documentation (Ref Guide, User Guide, etc.)
Workaround:

Workaround Exists
Workaround Description:

Hide

JKS works fine.

Show
JKS works fine.
Estimated Difficulty:
Low

Description

Up to now I am using a JKS file to activate SSL.

This works

<server-identities>
    <ssl protocol="TLS">
        <keystore path="mykeystore.jks" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
    </ssl>
</server-identities>

This does not work:

<server-identities>
    <ssl protocol="TLS">
        <keystore path="keystore.p12" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
    </ssl>
</server-identities>

Exception is

Caused by: java.io.IOException: Invalid keystore format
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) [rt.jar:1.7.0_55]
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_55]
	at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_55]
	at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:113)
	... 6 more

~~WFLY-2229~~ says PKCS12 is supported. I found no way to specify a keystore format in documentation (https://docs.jboss.org/author/display/WFLY8/Detailed+Configuration) . Is it correct?

Attachments

Issue Links

relates to

WFLY-2229 Add support for PKCS12 Keystores in security realms.

Closed

Activity

People

Assignee:: Darran Lofthouse

Reporter:: Lars Michaelis (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2014/07/29 6:19 AM

Updated:: 2017/12/06 11:27 AM

Resolved:: 2014/07/29 6:23 AM