Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] another SSL configuration issue / Cannot recover key

Le 06/04/2017 à 21:47, Steve Sobol - Lobos Studios a écrit :
> I have run into the same thing on my production Jetty server that handles SSL, but since I have a simple workaround, I haven't really looked into why this is happening.

Hi Steve, thank you for the feedback
by "a simple workaround", you mean what I am refering at,eg: setting
both "KeyManagerPassword" and "KeyStorePassword" ?

Cheers,

> 
> --
> Lobos Studios | Phone: 877.919.4WEB | LobosStudios.com | Facebook.com/LobosStudios | @LobosStudios
> Web Development - Mobile Development - Helpdesk/Tech Support - Computer Sales & Service
> Acer Authorized Reseller - Computers, Windows and Android Tablets, Accessories
>  
> Steve Sobol - CEO, Senior Developer and Server Jockey
> steve@xxxxxxxxxxxxxxxx
> 
> -----Original Message-----
> From: jetty-users-bounces@xxxxxxxxxxx [mailto:jetty-users-bounces@xxxxxxxxxxx] On Behalf Of mh@xxxxxxx
> Sent: Thursday, April 06, 2017 12:18
> To: jetty-users@xxxxxxxxxxx
> Subject: Re: [jetty-users] another SSL configuration issue / Cannot recover key
> 
> Le 06/04/2017 à 12:58, mh@xxxxxxx a écrit :
>>
>> After starting Jetty I have the following error:
>>
>> java.security.UnrecoverableKeyException: Cannot recover key
>>
>> Is there a password madness I would not be aware of ?
>>
>> Thanks,
> 
> I finally found something that work but I can't explain why it doesn't make it without it.
> 
> I've uncommented:
> 
> jetty.sslContext.keyManagerPassword and set it to the same pass phrase as KeyStorePassword (In reality it seems keyManagerPassword is used to decrypt the private key)
> 
> What I don't understand is per documentation
> 
> setKeyManagerPassword
>     The password that is passed to the KeyManagerFactory.init(...). If there is no keymanagerpassword, then the keystorepassword is used instead. If there is no trustmanager set, then the keystore is used as the trust store and the keystorepassword is used as the truststore password.
> 
> 
> So to me, if both the private key and keystore password are the same, I should be able to set KeyStorePassword only ?
> 
> Cheers
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
> 
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
> 



Back to the top