Invalid keystore format with SSL in Tomcat 6
Posted
by
strauberry
on Server Fault
See other posts from Server Fault
or by strauberry
Published on 2011-06-30T08:18:32Z
Indexed on
2011/06/30
8:24 UTC
Read the original article
Hit count: 1342
Filed under:
ssl-certificate
|tomcat6
I'm trying to setup SSL in my local Tomcat 6 installation. For this, I followed the official How-To doing the following:
$JAVA_HOME/bin/keytool -genkey -v -keyalg RSA -alias
tomcat -keypass changeit -storepass changeit
$JAVA_HOME/bin/keytool -export -alias tomcat -storepass
changeit -file /root/server.crt
Then changing the $CATALINA_BASE/conf/server.xml, in-commenting this:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/root/.keystore" keystorePass="changeit" />
After starting Tomcat, I get this Exception:
INFO: Initializing Coyote HTTP/1.1 on http-8080
30.06.2011 10:15:24 org.apache.tomcat.util.net.jsse.JSSESocketFactory getStore
SCHWERWIEGEND: Failed to load keystore type JKS with path /root/.keystore
due to Invalid keystore format
java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
When I look into the keystore with keytool -list I get
root@host:~# $JAVA_HOME/bin/keytool -list
Enter key store password: changeit
Key store type: gkr
Key store provider: GNU-CRYPTO
Key store contains 1 entry(ies)
Alias name: tomcat
Creation timestamp: Donnerstag, 30. Juni 2011 - 10:13:40 MESZ
Entry type: key-entry
Certificate fingerprint (MD5): 6A:B9:...C:89:1C
Obviously, the keystore types are different. How can I change the type and will this fix my problem? Thank you!
© Server Fault or respective owner
