So I went through the following steps:

  1. I generated an SSL certificate using the JRE keytool. I executed the command:

    keytool -genkey -alias tomcat \
        -storetype PKCS12 -keyalg RSA -keysize 2048 \
        -keystore keystore.p12 -validity 3650
    

    Then I was prompted for a password and various other information. I completed them like so:

    Enter keystore password:
    Re-enter new password:
    What is your first and last name?
      [Unknown]:
    What is the name of your organizational unit?
      [Unknown]:
    What is the name of your organization?
      [Unknown]:
    What is the name of your City or Locality?
      [Unknown]:
    What is the name of your State or Province?
      [Unknown]:
    What is the two-letter country code for this unit?
      [Unknown]:
    Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
      [no]: yes
    
  2. I then moved the "keystore.p12" file into the src/main/resources folder of my Spring Boot application.
  3. Added the following lines to the application.yml file in src/main/resources:

    server:
      port: 8443
      ssl:
        key-store: keystore.p12
        key-store-password: <chosen_password>
        key-store-provider: PKCS12
        key-alias: tomcat
    

Started the Spring Boot application. Got this exception:

2018-09-18 13:51:25 [main] ERROR o.apache.tomcat.util.net.SSLUtilBase - Failed to load keystore type [JKS] with path [file:/home/user/Desktop/repositories/alfresco-facade-c4/keystore.p12] due to [no such provider: PKCS12]
java.security.NoSuchProviderException: no such provider: PKCS12
    at sun.security.jca.GetInstance.getService(GetInstance.java:83)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
    at java.security.Security.getImpl(Security.java:698)
    at java.security.KeyStore.getInstance(KeyStore.java:896)
    at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:127)
    at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204)
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225)
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1150)
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591)
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225)
    at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:250)
    at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:193)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:297)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:145)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693)
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:303)
    at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:134)
    at com.docprocess.contentmanagement.AlfrescoFacadeApplication.main(AlfrescoFacadeApplication.java:22)
2018-09-18 13:51:25 [main] ERROR o.a.catalina.core.StandardService - Failed to start connector [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Failed to start component [Connector[HTTP/1.1-8443]]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:167)
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225)
    at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:250)
    at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:193)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:297)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:145)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546)
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693)
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:303)
    at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:134)
    at com.docprocess.contentmanagement.AlfrescoFacadeApplication.main(AlfrescoFacadeApplication.java:22)
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1021)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    ... 12 common frames omitted
Caused by: java.lang.IllegalArgumentException: java.io.IOException: Failed to load keystore type [JKS] with path [file:/home/user/Desktop/repositories/alfresco-facade-c4/keystore.p12] due to [no such provider: PKCS12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:116)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225)
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1150)
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591)
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018)
    ... 13 common frames omitted
Caused by: java.io.IOException: Failed to load keystore type [JKS] with path [file:/home/user/Desktop/repositories/alfresco-facade-c4/keystore.p12] due to [no such provider: PKCS12]
    at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:152)
    at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:204)
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:184)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
    ... 18 common frames omitted

The main idea is that the PKCS12 provider does not exist.

Any thoughts?

Maybe use a different provider? If the answer is yes, which provider should I use?

1 Answer

Please refactor application.yml:

    server:
      port: 8443
      ssl:
        key-store: classpath:keystore.p12
        key-store-password: <chosen_password>
        keyStoreType: PKCS12
        key-alias: tomcat

PKCS12 should work out of the box with spring-boot.

4 Comments

Could you try to build an executable jar and run it from command line?
Also, try renaming key-store-provider to keyStoreType
This did the trick. I used key-store: classpath:keystore.p12 and keyStoreType: PKCS12. Please mention this in the answer as well.
Adjusted answer.
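
Why the original setting failed, shown as an added example that is not part of the question or the answer: the value of `key-store-provider` is looked up as a JCA provider name, while PKCS12 is a keystore type. The class name and the sample password are constructed for illustration, and the keystore is built in memory so the program runs without keystore.p12.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;

// Added illustration, not code from the question or the answer.
public class KeystoreProviderCheck {

    public static void main(String[] args) throws Exception {
        char[] password = "changeit".toCharArray(); // constructed sample password

        // Build an empty PKCS12 store in memory so nothing is read from disk.
        KeyStore empty = KeyStore.getInstance("PKCS12");
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, password);
        byte[] p12 = out.toByteArray();

        // Equivalent of "key-store-provider: PKCS12": the default type (JKS)
        // requested from a JCA provider literally named "PKCS12".
        // No provider with that name is registered, so the lookup fails.
        try {
            KeyStore.getInstance("JKS", "PKCS12");
        } catch (NoSuchProviderException e) {
            System.out.println("provider lookup failed: " + e.getMessage());
        }

        // Equivalent of "keyStoreType: PKCS12": a store *type*, resolved by
        // whichever registered provider implements it.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(new ByteArrayInputStream(p12), password);
        System.out.println("type=" + ks.getType()
                + " provider=" + ks.getProvider().getName()
                + " entries=" + ks.size());

        // Names that would be valid for a provider setting on this JVM.
        Provider[] providers = Security.getProviders("KeyStore.PKCS12");
        for (Provider p : (providers == null ? new Provider[0] : providers)) {
            System.out.println("PKCS12 implemented by provider: " + p.getName());
        }
    }
}
```

The first call reproduces the `no such provider: PKCS12` message from the stack trace; the provider names printed at the end depend on the JVM in use.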
