Dear list,

we are currently playing with the Fediz IDP and STS. In this context, we have 
the following issue:

While testing, we want to use the 'mystskey' certificate contained in the 
stsstore.jks keystore for the HTTPS connector in Tomcat (the one used to access 
the STS servlet via HTTPS). Unfortunately, the keystore password seems not to 
match the key password of the 'mystskey' private key. When configuring the 
Tomcat HTTPS connector with:

<Connector port="9443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               keystoreFile="<path/to>/stsstore.jks" keystorePass="stsspass"
               keyAlias="mystskey" keyPass="stsspass"
               sslProtocol="TLS" />

we get the following exception in Tomcat:

java.security.UnrecoverableKeyException: Cannot recover key
        at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
        at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
        at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
        at java.security.KeyStore.getKey(KeyStore.java:763)
        ...

Does anyone know the password of the 'mystskey' key? Or do you see another reason 
for this issue?

Thank you & regards,
Christian
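
A way to tell a wrong key password apart from a wrong keystore password or alias, as an added example that is not part of the original message or of Fediz: it loads the JKS file through `java.security.KeyStore` and reports whether the private key entry opens with the keystore password or needs a separate one. The class name `KeyPassCheck` and its two command-line arguments are assumptions made for this example.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Collections;

// Added example (hypothetical class name): checks which password protects a JKS key entry.
// Usage: java KeyPassCheck <keystore.jks> <alias>
public class KeyPassCheck {

    // True if the private key stored under alias can be recovered with keyPass.
    static boolean keyOpens(KeyStore ks, String alias, char[] keyPass) throws Exception {
        try {
            return ks.getKey(alias, keyPass) != null;
        } catch (UnrecoverableKeyException e) {
            return false; // same exception type as in the Tomcat stack trace
        }
    }

    public static void main(String[] args) throws Exception {
        Console con = System.console();
        if (args.length != 2 || con == null) {
            System.err.println("usage (interactive terminal): KeyPassCheck <keystore.jks> <alias>");
            System.exit(2);
        }
        // Prompt instead of taking passwords as arguments, so they stay out of the process list.
        char[] storePass = con.readPassword("Keystore password: ");

        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, storePass); // a wrong keystore password fails here with an IOException
        }
        String alias = args[1];
        if (!ks.isKeyEntry(alias)) {
            System.out.println("No private key entry '" + alias + "'. Aliases: "
                    + Collections.list(ks.aliases()));
            return;
        }
        if (keyOpens(ks, alias, storePass)) {
            System.out.println("Key password equals the keystore password.");
            return;
        }
        System.out.println("Key entry has its own password, different from the keystore password.");
        char[] keyPass = con.readPassword("Key password to test: ");
        System.out.println(keyOpens(ks, alias, keyPass)
                ? "Key opens with the supplied key password."
                : "Supplied key password does not open the key either.");
    }
}
```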