Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Website works but SSL Labs is reporting vulnerabilities

Hm - I followed these directions

"all *.pem files into one pem file, like all.pem Then create keystore in p12 format with private key + all.pem

openssl pkcs12 -export -inkey private.key -in all.pem -name test -out test.p12

Then export p12 into jks 

keytool -importkeystore -srckeystore test.p12 -srcstoretype pkcs12 -destkeystore test.jks"
from http://serverfault.com/questions/483465/import-of-pem-certificate-chain-and-key-to-java-keystore

and in Keystore Explorer I could see the entire chain, but

2016-04-22 18:52:37.682:INFO:oejus.SslContextFactory:main: x509=X509@51c929ae(test,h=[admin.bamidbarconnect.com, www.admin.bamidbarconnect.com],w=[]) for SslContextFactory@3c8bdd5b(file:///home/sjsobol/test.jks,null)
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.eclipse.jetty.start.Main.invokeMain(Main.java:214)
        at org.eclipse.jetty.start.Main.start(Main.java:457)
        at org.eclipse.jetty.start.Main.main(Main.java:75)
Caused by: java.lang.NullPointerException
        at org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1067)
        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:380)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)
        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)
        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:260)
        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
        at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:244)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.server.Server.doStart(Server.java:384)
        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
        at org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1510)
        at java.security.AccessController.doPrivileged(Native Method)
        at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1435)
        ... 7 more




On 4/22/2016 3:12 PM, Steve Sobol - Lobos Studios wrote:

keytool -importcert -trustcacerts as well as the KeyStore Explorer GUI.

BUT I think I've worked this out. Stand by, I'll let you know soon.


On 4/22/2016 3:05 PM, Simone Bordet wrote:
Hi,

On Fri, Apr 22, 2016 at 11:53 PM, Steve Sobol - Lobos Studios
<steve@xxxxxxxxxxxxxxxx> wrote:

It's 1.

I think you did not import properly the signed certificate from the CA then.
What commands did you use ?



-- 
Lobos Studios | Phone: 877.919.4WEB | LobosStudios.com | Facebook.com/LobosStudios | @LobosStudios
Web Development - Mobile Development - Helpdesk/Tech Support - Computer Sales & Service
Acer Authorized Reseller - Computers, Windows and Android Tablets, Accessories

Steve Sobol - CEO, Senior Developer and Server Jockey
steve@xxxxxxxxxxxxxxxx

-- 
Lobos Studios | Phone: 877.919.4WEB | LobosStudios.com | Facebook.com/LobosStudios | @LobosStudios
Web Development - Mobile Development - Helpdesk/Tech Support - Computer Sales & Service
Acer Authorized Reseller - Computers, Windows and Android Tablets, Accessories

Steve Sobol - CEO, Senior Developer and Server Jockey
steve@xxxxxxxxxxxxxxxx

Back to the top