Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-3686

"Invalid keystore format" IOException when using PKCS12 keystore in Wildfly 8.1.0.Final

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: 8.1.0.Final
    • Fix Version/s: 8.2.0.Final
    • Component/s: Security
    • Labels:
      None
    • Affects:
      Documentation (Ref Guide, User Guide, etc.)
    • Workaround:
      Workaround Exists
    • Workaround Description:
      Hide

      JKS works fine.

      Show
      JKS works fine.
    • Estimated Difficulty:
      Low

      Description

      Up to now I am using a JKS file to activate SSL.

      This works

      <server-identities>
          <ssl protocol="TLS">
              <keystore path="mykeystore.jks" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
          </ssl>
      </server-identities>

      This does not work:

      <server-identities>
          <ssl protocol="TLS">
              <keystore path="keystore.p12" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
          </ssl>
      </server-identities>

      Exception is

      Caused by: java.io.IOException: Invalid keystore format
      	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) [rt.jar:1.7.0_55]
      	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_55]
      	at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_55]
      	at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:113)
      	... 6 more

      WFLY-2229 says PKCS12 is supported. I found no way to specify a keystore format in documentation (https://docs.jboss.org/author/display/WFLY8/Detailed+Configuration) . Is it correct?

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  dlofthouse Darran Lofthouse
                  Reporter:
                  larmic Lars Michaelis
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: