Hi Bruno If the keystore isn't found an java.io.FileNotFoundException, see stacktrace <i>C:\Users\mikis\.keystore (Den angivne fil blev ikke fundet) at java.io.FileInputStream.open(Native Method) at java.io.FileInputStream.<init>(FileInputStream.java:106) at java.io.FileInputStream.<init>(FileInputStream.java:66) at org.restlet.engine.http.StreamClientHelper.createSecureSocketFactory(StreamClientHelper.java:180) at org.restlet.engine.http.StreamClientHelper.createSocketFactory(StreamClientHelper.java:255)"<i>
In case of a invalid password a java.io.IOException is thrown: <i>java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38) at java.security.KeyStore.load(KeyStore.java:1185) at org.restlet.engine.http.StreamClientHelper.createSecureSocketFactory(StreamClientHelper.java:187)<i> what is a bit fishy here is that a connection is actually established, even though the certificate hasn't been validated, very bold. If the certificate isn't found in the keystore a <i>java.security.UnrecoverableKeyException: Cannot recover key<i> is thrown. So it lookes like this is the cause for the problem. A more precise error message would have been something like 'Can not find certificate XXX in keystore YYYY', which I'll be adding to my application. ~Mikis Bruno Harbulot [via Restlet Discuss] skrev: Hello, Do you know if your user has a '.keystore' file in the home directory? Would it work better if this file was out of the way? If so, this could be related to the side effect I found when fixing < http://restlet.tigris.org/issues/show_bug.cgi?id=586#desc15 >. I'd suggest fixing this issue by making the default keystore in Restlet connectors be unspecified, rather than assume it's going to be $HOME/.keystore: if the users want a keystore, they'll have to specify it. Best wishes, Bruno. Mikis Seth Sørensen wrote: > One of the users of some software of mine, reported the following error: > /java.security.UnrecoverableKeyException: Cannot recover key at > sun.security.provider.KeyProtector.recover(KeyProtector.java:311) at > sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121) > at > sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38) > at java.security.KeyStore.getKey(KeyStore.java:763) at > com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.(SunX509KeyManagerImpl.java:113) > at > com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48) > at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239) at > org.restlet.engine.http.StreamClientHelper.createSecureSocketFactory(StreamClientHelper.java:202) > at > org.restlet.engine.http.StreamClientHelper.createSocketFactory(StreamClientHelper.java:255) > at > org.restlet.engine.http.StreamClientHelper.create(StreamClientHelper.java:153) > at > org.restlet.engine.http.HttpClientConverter.toSpecific(HttpClientConverter.java:505) > at > org.restlet.engine.http.HttpClientHelper.handle(HttpClientHelper.java:107) > at org.restlet.Client.handle(Client.java:164) at > org.restlet.resource.ClientResource.handle(ClientResource.java:349) at > org.restlet.resource.ClientResource.put(ClientResource.java:510)/ Google > tell me this is cause by the keyPassword not corresponding to the > keyStore password. I can understand this could be relevant for a https > server, which might have a password protected private key. But I'm > acting as a https client and therefore shouldn't have any password > protected keys. The code causing the error is simply: ClientResource > resource = new ClientResource(context, new Reference(Protocol.HTTPS, > url); resource.put; Complete code can be view at > http://fisheye.agilos.org/browse/~raw,r=50111f79ea2129f8204beeefed1f69469539367a/Zendesk/src/main/java/org/agilos/jira/zendesk/NotificationDispatcher.java > I'm using Restlet 1.2-M2. ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2426719 View message @ http://n2.nabble.com/java-security-UnrecoverableKeyException-Cannot-recover-key-in-https-Restlet-client-tp4106014p4106644.html To unsubscribe from 'java.security.UnrecoverableKeyException: Cannot recover key' in https Restlet client, click here . -- View this message in context: http://n2.nabble.com/java-security-UnrecoverableKeyException-Cannot-recover-key-in-https-Restlet-client-tp4106014p4112373.html Sent from the Restlet Discuss mailing list archive at Nabble.com. ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2427018
