Re: [jetty-users] Website works but SSL Labs is reporting vulnerabilitie

["Steve Sobol - Lobos Studios" <steve@xxxxxxxxxxxxxxxx>]

Followup:

I looked at IE 9 and IE 10's market share and both are under 2% so I 
don't care about them anymore. Only remaining thing to do is to remove 
the redundant CA certificate from the chain, and that's not an urgent 
thing... Thanks to everyone that helped :)

--
Lobos Studios | Phone: 877.919.4WEB | LobosStudios.com | 
Facebook.com/LobosStudios | @LobosStudios
Web Development - Mobile Development - Helpdesk/Tech Support - Computer 
Sales & Service
Acer Authorized Reseller - Computers, Windows and Android Tablets, 
Accessories

Steve Sobol - CEO, Senior Developer and Server Jockey
steve@xxxxxxxxxxxxxxxx



------ Original Message ------
From: "Simone Bordet" <sbordet@xxxxxxxxxxx>
To: "JETTY user mailing list" <jetty-users@xxxxxxxxxxx>
Sent: 4/22/2016 4:09:49 PM
Subject: Re: [jetty-users] Website works but SSL Labs is reporting 
vulnerabilities

> Hi,
>
> On Sat, Apr 23, 2016 at 12:54 AM, Steve Sobol - Lobos Studios
> <steve@xxxxxxxxxxxxxxxx> wrote:
> >  Hm - I followed these directions
> >
> >  "all *.pem files into one pem file, like all.pem Then create keystore 
> > in p12
> >  format with private key + all.pem
> >
> >  openssl pkcs12 -export -inkey private.key -in all.pem -name test -out
> >  test.p12
> >
> >  Then export p12 into jks
> >
> >  keytool -importkeystore -srckeystore test.p12 -srcstoretype pkcs12
> >  -destkeystore test.jks"
> >
> >  from
> >  
> > http://serverfault.com/questions/483465/import-of-pem-certificate-chain-and-key-to-java-keystore
> >
> >  and in Keystore Explorer I could see the entire chain, but
>
> Do you have a "Certificate chain length" > 1 or not for all your
> entries of type "PrivateKeyEntry" ?
>
>
> >  2016-04-22 18:52:37.682:INFO:oejus.SslContextFactory:main:
> >  x509=X509@51c929ae(test,h=[admin.bamidbarconnect.com,
> >  www.admin.bamidbarconnect.com],w=[]) for
> >  SslContextFactory@3c8bdd5b(file:///home/sjsobol/test.jks,null)
> >  java.lang.reflect.InvocationTargetException
> >          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native 
> > Method)
> >          at
> >  
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> >          at
> >  
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> >          at java.lang.reflect.Method.invoke(Method.java:498)
> >          at org.eclipse.jetty.start.Main.invokeMain(Main.java:214)
> >          at org.eclipse.jetty.start.Main.start(Main.java:457)
> >          at org.eclipse.jetty.start.Main.main(Main.java:75)
> >  Caused by: java.lang.NullPointerException
> >          at
> >  
> > org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1067)
>
> This seems a missing password in the configuration.
>
> --
> Simone Bordet
> ----
> http://cometd.org
> http://webtide.com
> Developer advice, training, services and support
> from the Jetty & CometD experts.
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe 
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users