[cas-dev] Invalid keystore format [Liferay Jboss on Red Hat 5]

Mon, 14 Dec 2009 10:49:04 -0800 

 

 

Hello,

 

I integrated CAS successfully on Windows platform. Generated the required
keystore & truststore & also configured the Jboss server to listen the SSL
port. It is running perfectly fine on windows.

 

Now I am following the same procedure on Red Hat Linux 5. (using jdk 1.6
update 17 on both the boxes). I successfully created the keystore &
truststore information & also configured the server.xml to listen on ssl.

 

But when I start the JBoss 5 server it gives me the following trace. (I have
also specified System property -Djavax.net.ssl.trustStore in run.sh)

 

23:53:16,427 ERROR [StandardService] Service initializing at jboss.web
failed
LifecycleException:  Protocol handler initialization failed:
java.io.IOException: Invalid keystore format
        at
org.apache.catalina.connector.Connector.initialize(Connector.java:1031)
        at
org.apache.catalina.core.StandardService.initialize(StandardService.java:683
)
        at
org.apache.catalina.core.StandardService.init(StandardService.java:695)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:510)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:736)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:572)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java

 

When I use keytool -list command to see the keystore type it gives the
following output 

KeyStore Type: gkr

Provider: GNU-CRYPTO

 

However on windows platform it is JKS. But in Linux it using gkr. 

I also edited server.xml in my Linux box & explicitly mentioned keystoreType
as gkr. But it was not useful. 

 

Below mentioned is except from server.xml

 

<!-- SSL/TLS Connector configuration using the admin devl guide keystore-->

      <Connector port="8443" 

                  address="${jboss.bind.address}"

                  protocol="HTTP/1.1" 

                  SSLEnabled="true" 

                  maxThreads="100" 

                  strategy="ms" 

                  maxHttpHeaderSize="8192"

                  emptySessionPath="true"

                  scheme="https" 

                  secure="true" 

                  clientAuth="false" 

 
keystoreFile="/home/user/Desktop/liferay-portal-5.2.3/jboss-tomcat-5.0.0/ser
ver/default/conf/demostore.jks"

                  keystorePass="*****" 

                  keystoreType="gkr"

 
truststoreFile="="/home/user/Desktop/liferay-portal-5.2.3/jboss-tomcat-5.0.0
/server/default/conf/truststore"

                  truststorePass="*******"                  

                  sslProtocol="TLS" />

 

Kindly advice on how to use the default JKS on Linux box Or if it is
generating keystore of type gkr then what should be done?

Thanks

Manish Shah,


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev

Reply via email to