Hello,
Resolved this one. By default the keytool (it was a link file) was pointing to gkeytool located in /usr/bin. This keytool is not of Java. I switched to /usr/java/jdk1.6/bin folder & created a link file of keytool. I copied that link file & pasted it into /usr/bin folder so that next time it makes use of keytool provided by Java. Once done the rest of the procedure for generating keystore is same. Regards Manish Shah, _____ From: Manish Shah [mailto:[email protected]] Sent: Tuesday, December 15, 2009 12:19 AM To: [email protected] Subject: [cas-dev] Invalid keystore format [Liferay Jboss on Red Hat 5] Hello, I integrated CAS successfully on Windows platform. Generated the required keystore & truststore & also configured the Jboss server to listen the SSL port. It is running perfectly fine on windows. Now I am following the same procedure on Red Hat Linux 5. (using jdk 1.6 update 17 on both the boxes). I successfully created the keystore & truststore information & also configured the server.xml to listen on ssl. But when I start the JBoss 5 server it gives me the following trace. (I have also specified System property -Djavax.net.ssl.trustStore in run.sh) 23:53:16,427 ERROR [StandardService] Service initializing at jboss.web failed LifecycleException: Protocol handler initialization failed: java.io.IOException: Invalid keystore format at org.apache.catalina.connector.Connector.initialize(Connector.java:1031) at org.apache.catalina.core.StandardService.initialize(StandardService.java:683 ) at org.apache.catalina.core.StandardService.init(StandardService.java:695) at org.apache.catalina.core.StandardService.start(StandardService.java:510) at org.apache.catalina.core.StandardServer.start(StandardServer.java:736) at org.apache.catalina.startup.Catalina.start(Catalina.java:572) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java When I use keytool -list command to see the keystore type it gives the following output KeyStore Type: gkr Provider: GNU-CRYPTO However on windows platform it is JKS. But in Linux it using gkr. I also edited server.xml in my Linux box & explicitly mentioned keystoreType as gkr. But it was not useful. Below mentioned is except from server.xml <!-- SSL/TLS Connector configuration using the admin devl guide keystore--> <Connector port="8443" address="${jboss.bind.address}" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" emptySessionPath="true" scheme="https" secure="true" clientAuth="false" keystoreFile="/home/user/Desktop/liferay-portal-5.2.3/jboss-tomcat-5.0.0/ser ver/default/conf/demostore.jks" keystorePass="*****" keystoreType="gkr" truststoreFile="="/home/user/Desktop/liferay-portal-5.2.3/jboss-tomcat-5.0.0 /server/default/conf/truststore" truststorePass="*******" sslProtocol="TLS" /> Kindly advice on how to use the default JKS on Linux box Or if it is generating keystore of type gkr then what should be done? Thanks Manish Shah, -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
