[Geoserver-users] Geoserevr Cannot recover key of the keystore

Jorge Penedo Fri, 23 Sep 2022 07:07:32 -0700

 Hello everyone

I'm trying to configure https access, with ssl, from a 2.20.05 server installed 
on platafroaqm windows  with jetty.


In my institution there is already a plex certificate, so I used the command 
line to prodece the "new"
 keystore

keytool -importkeystore -srckeystore m:\certs\mycert.pt.pfx -srcstoretype 
pkcs12 -destkeystore m:\certs\keystore -deststoretype JKS

then i copy the file to \etc


I generated my obf password with the command line

java -cp jetty-util-9.4.36.v20210114.jar 
org.eclipse.jetty.util.security.Password mypassword

(i checked the  jetty version i have installed)

then i update  the start.ini and the jetty-ssl.context.xml files

when i start the service i got this in the logs file

"...

2022-09-23 11:18:14.395:INFO:oejsh.ContextHandler:main: Started 
o.e.j.w.WebAppContext@33f88ab{GeoServer,/geoserver,file:///C:/Program%20Files/GeoServer/webapps/geoserver/,AVAILABLE}{C:\Program
 Files\GeoServer\webapps\geoserver}
2022-09-23 11:18:14.426:INFO:oejs.AbstractConnector:main: Started 
ServerConnector@2771e501{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
2022-09-23 11:18:14.426:INFO:oejus.SslContextFactory:main: 
x509=X509@2140582(1,h=[sines.pt],w=[sines.pt]) for 
Server@2640f5ea[provider=null,keyStore=file:///C:/Program%20Files/GeoServer/etc/keystore,trustStore=file:///C:/Program%20Files/GeoServer/etc/keystore]
2022-09-23 11:18:14.426:WARN:oejx.XmlConfiguration:main:
java.security.PrivilegedActionException: 
java.security.UnrecoverableKeyException: Cannot recover key
      at java.security.AccessController.doPrivileged(Native Method)
      at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
      at org.eclipse.jetty.start.Main.start(Main.java:491)
      at org.eclipse.jetty.start.Main.main(Main.java:77)
Caused by:
java.security.UnrecoverableKeyException: Cannot recover key
      at sun.security.provider.KeyProtector.recover(Unknown Source)
      at sun.security.provider.JavaKeyStore.engineGetKey(Unknown Source)
      at sun.security.provider.JavaKeyStore$JKS.engineGetKey(Unknown Source)
      at sun.security.provider.KeyStoreDelegator.engineGetKey(Unknown Source)
      at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(Unknown 
Source)
      at java.security.KeyStore.getKey(Unknown Source)
      at sun.security.ssl.SunX509KeyManagerImpl.<init>(Unknown Source)
      at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(Unknown 
Source)
      at javax.net.ssl.KeyManagerFactory.init(Unknown Source)
      at 
org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1243)
      at 
org.eclipse.jetty.util.ssl.SslContextFactory$Server.getKeyManagers(SslContextFactory.java:2267)
      at 
org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:372)
      at 
org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:243)
      at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
      at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
      at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
      at 
org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:97)
      at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
      at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
      at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
      at 
org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:321)
      at 
org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
      at 
org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:234)
      at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
      at org.eclipse.jetty.server.Server.doStart(Server.java:401)
      at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:73)
      at 
org.eclipse.jetty.xml.XmlConfiguration.lambda$main$3(XmlConfiguration.java:1907)
      at java.security.AccessController.doPrivileged(Native Method)
      at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
      at org.eclipse.jetty.start.Main.start(Main.java:491)
      at org.eclipse.jetty.start.Main.main(Main.java:77)

.."



Can anyone help and tell me what went wrong?


Best regards to all

Jorge Penedo

_______________________________________________
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

[Geoserver-users] Geoserevr Cannot recover key of the keystore

Reply via email to