Hi, I've been following the documentation at http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html
Running jetty-distribution-9.4.3.v20170317 Java 8 I have an official rapidssl certificate to load into jetty. Historically I performed the CSR myself with openssl My private key was genered and tempered with a pass phrase with openssl Got a certificate back from the CA as a .crt file (pem). Following the Jetty documentation, I have bundled the cert pem file and intermediate chain file to a single file using: cat mycert.crt intermediate.cer > mycert-bundled.crt intermediate.cer is provided to me by the CA. openssl pkcs12 -inkey myprivate.key -in mycert-bundled.crt -export -out mycert.pkcs12 Typed my private key password Typed my export password Now in my JETTY-BASE, I did : start.jar --add-to-start=https,ssl # remove the default keystore rm etc/keystore keytool -importkeystore -srckeystore mycert.pkcs12 -srcstoretype PKCS12 -destkeystore etc/keystore Typed my destination keystore password I can list the imported entry with : keytool -list -keystore etc/keystore -storetype jks -v (keystore password typed) Your keystore contains 1 entry Alias name: 1 Creation date: Apr 6, 2017 Entry type: PrivateKeyEntry Certificate chain length: 2 Certificate[1]: (...) Typing my keystore password altered 1 line in start.ini , uncomment and update: jetty.sslContext.keyStorePassword=<my keystore password> NOTICE: my keystore password is the same as the key pass phrase mentioned above NOTICE2 : I tried both clear and OBF password After starting Jetty I have the following error: java.security.UnrecoverableKeyException: Cannot recover key Is there a password madness I would not be aware of ? Thanks, _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
