https://bz.apache.org/bugzilla/show_bug.cgi?id=62526
Bug ID: 62526
Summary: Tomcat fails in a strange way when key store is
missing
Product: Tomcat 8
Version: 8.5.32
Hardware: PC
OS: Mac OS X 10.1
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: fabrice.bacche...@orange.fr
Target Milestone: ----
I defined a keystore with no password and a password for the key.
I then run the following code:
SSLHostConfig shc = new SSLHostConfig();
shc.setProtocols("TLSv1.2");
shc.setCertificateKeystoreFile("file:testenv/conf/keystore.p12");
shc.setCertificateKeystorePassword("");
shc.setCertificateKeystoreType("PKCS12");
shc.setCertificateKeyPassword("azerty");
shc.setHostName("_default_");
NioEndpoint v = new NioEndpoint();
v.setSSLEnabled(true);
v.addSslHostConfig(shc);
v.bind();
I'm getting this stack:
java.lang.IllegalArgumentException: Private key must be accompanied by
certificate chain
at
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsse
...
Caused by: java.lang.IllegalArgumentException: Private key must be accompanied
by certificate chain
at java.security.KeyStore.setKeyEntry(KeyStore.java:1136)
at
org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:257)
at
If a define a password for both or the password is defined only for the
keystore, it works. If keystore without password is not allowed, a better
message should be provided.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
