On 20/01/2017 19:32, Simone Bordet wrote:
The server then fails to start (java.security.UnrecoverableKeyException:
Cannot recover key).
Are passwords correct ?
That turned out to be the problem -- the password used to create the
PKCS12 file needed to be specified in setKeyPassword, and the password
used for the JKS keystore needed to be specified in setPassword; my
jetty.xml (Jetty 8.1.4) config needed to look like this:
<Set name="Keystore"><Property name="jetty.home" default="."
/>/keystore.test</Set>
<Set name="Password">keystore-password</Set>
<Set name="KeyPassword">pkcs12-password</Set>
The use of the PKCS12 password isn't terribly clear in the docs IMHO; it
mentions jetty.sslContext.keyStorePassword (presumably what I specified
as keystore-password above) but doesn't say what to do with
pkcs12-password. And of course this didn't matter when I was using a
self-signed certificate, but is crucial for a proper certificate...
Thanks!
--
John English
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
