Can not find keys in keystore when configuring wildfly
If you have a signed certificate from a CA, then keytool can't be used to import the private key into the keystore. You need to import private.key using openssl in PKCS12 format and then use keytool to generate the keystore.
Assuming you have the following files available:
- private-key.pem
- AddTrustExternalCARoot.crt
- COMODORSAAddTrustCA.crt
- COMODORSADomainValidationSecureServerCA.crt
- YOUR_DOMAIN_com.crt or STAR_YOUR_DOMAIN_com.crt (Signed Cert from CA)
Steps:
$ cat AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt > ssl-bundle.crt
$ openssl pkcs12 -export -chain -in STAR_YOUR_DOMAIN_com.crt -inkey private-key.pem -out keystore.p12 -name YOURDOMAIN -CAfile ssl-bundle.crt
Now you can use keytool to import:
$ keytool -importkeystore -destkeystore keystore.jks -srckeystore keystore.p12 -srcstoretype PKCS12 -alias YOURDOMAIN
Author: Li Bin
Updated on June 05, 2022
Comments
- Li Bin almost 2 years
We have several .cer files and import them into the keystore with the keytool command. Now we configure the Wildfly 8.x SSL with that keystore. When starting, we get the following errors:
22:38:56,992 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service jboss.server.controller.management.security_realm.UndertowRealm.key-manager: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.UndertowRealm.key-manager: WFLYDM0083: The KeyStore /home/demo/mykeystore.jks does not contain any keys.
    at org.jboss.as.domain.management.security.FileKeystore.assertContainsKey(FileKeystore.java:169)
    at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:120)
    at org.jboss.as.domain.management.security.FileKeyManagerService.start(FileKeyManagerService.java:145)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
Any help will be appreciated.
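A way to confirm the cause of WFLYDM0083 before restarting the server, as an added example that is not part of the original question or answer: the function below reads `keytool -list` output and reports whether any entry is a PrivateKeyEntry (importing .cer files only creates trustedCertEntry entries). The function name `keystore_entry_report` and both sample listings are constructed for illustration.

```shell
# Added example (not from the original post): classify `keytool -list` output.
# Real use: keytool -list -keystore /home/demo/mykeystore.jks | keystore_entry_report
# Exit status: 0 = a PrivateKeyEntry exists, 1 = certificates only, 2 = nothing parsed.
keystore_entry_report() {
    awk '
        # Entry lines look like: alias, <date>, PrivateKeyEntry,
        /(PrivateKeyEntry|trustedCertEntry|SecretKeyEntry),[ \t]*$/ {
            line = $0; sub(/,[ \t]*$/, "", line)       # drop the trailing comma
            type = line; sub(/^.*,[ \t]*/, "", type)   # text after the last comma
            alias = line; sub(/,.*$/, "", alias)       # text before the first comma
            printf "%s\t%s\n", alias, type
            count[type]++; total++
        }
        END {
            if (total == 0) { print "RESULT: no entries parsed"; exit 2 }
            if (count["PrivateKeyEntry"] > 0) { print "RESULT: private key entry present"; exit 0 }
            print "RESULT: certificates only, no private key (WFLYDM0083 at startup)"
            exit 1
        }
    '
}

# Constructed sample: a keystore built only from imported .cer files.
sample_certs_only() {
    cat <<'EOF'
Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

root, Jun 5, 2022, trustedCertEntry,
Certificate fingerprint (SHA1): <constructed placeholder>
mydomain, Jun 5, 2022, trustedCertEntry,
Certificate fingerprint (SHA1): <constructed placeholder>
EOF
}

# Constructed sample: a keystore produced through the PKCS12 route.
sample_with_key() {
    cat <<'EOF'
Your keystore contains 1 entry

yourdomain, Jun 5, 2022, PrivateKeyEntry,
Certificate fingerprint (SHA1): <constructed placeholder>
EOF
}

# Demo on the constructed certificates-only listing.
sample_certs_only | keystore_entry_report || echo "exit status: $?"
```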