The `MD5:` format Credential / Password is what's known as a 1-way hash
(this is not encryption).
You can take a password and generate an MD5.
Then later, when a password is provided, you can run the hash again and
compare the resulting MD5 to know if the password that was provided is a
match.

There's no way for the Keystore to reverse out the password it needs to use
from the MD5 hash.
The `MD5:` format in the Credential / Password exists for tooling / specs /
libraries that use them,
such as Digest authentication in the HTTP spec, which takes the user
password on the user-agent (browser), tacks other information into it,
hashes the resulting string, and only sends the MD5 hash over the network
to the server.
Then the server simply performs a hash comparison to know if the password
was correct (or not).

Your choices for Keystore passwords are OBF, CRYPT, or plaintext.

Joakim Erdfelt / joa...@webtide.com


On Thu, Jul 15, 2021 at 1:09 AM TSmitha <smitad...@gmail.com> wrote:

> Hi,
>
> I am using Jetty version -- jetty-9.4.40.v20210413 - 13 April 2021 on
> Java 1.8 platform.
>
> I am setting up SSL by referring to this documentation regarding putting
> obfuscated/encrypted password in jetty-ssl-context.xml --
> https://www.eclipse.org/jetty/documentation/jetty-9/index.html#configuring-security-secure-passwords
>
> If I provide OBF: format passwords for (keystore and truststore) then
> Jetty server runs fine, but if I put MD5: format password in this XML file,
> Jetty server fails to run. I have found this log in jetty/logs:
>
> java.security.PrivilegedActionException: java.io.IOException: Keystore was tampered with, or password was incorrect
>         at java.security.AccessController.doPrivileged(Native Method)
>         at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>         at java.lang.reflect.Method.invoke(Method.java:498)
>         at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
>         at org.eclipse.jetty.start.Main.start(Main.java:491)
>         at org.eclipse.jetty.start.Main.main(Main.java:77)
> Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
>         at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
>
>
>
> Can you please provide your guidance about the right way to achieve this?
>
>
> Thanks,
>
> Smita
> _______________________________________________
> jetty-users mailing list
> jetty-users@eclipse.org
> To unsubscribe from this list, visit
> https://www.eclipse.org/mailman/listinfo/jetty-users
>
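
The Digest check described in the reply above, as an added Python example that is not part of the original thread or of Jetty's code: the server keeps only an MD5 value (HA1) and compares hashes, never recovering the password. The function names are hypothetical; the sample values are the worked example from RFC 2617 section 3.5.

```python
import hashlib
import hmac


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def ha1(username: str, realm: str, password: str) -> str:
    """The 1-way value a server can store instead of the password."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1_hex, method, uri, nonce, nc, cnonce, qop="auth"):
    """RFC 2617 request-digest for qop=auth: the only secret-derived value sent."""
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def server_verify(stored_ha1, method, uri, nonce, nc, cnonce, client_response):
    """Server side: recompute from the stored hash and compare, nothing is reversed."""
    expected = digest_response(stored_ha1, method, uri, nonce, nc, cnonce)
    return hmac.compare_digest(expected, client_response)


# Sample values from the RFC 2617 section 3.5 example.
USER, REALM, PASSWORD = "Mufasa", "testrealm@host.com", "Circle Of Life"
NONCE, NC, CNONCE = "dcd98b7102dd2f0e8b11d0f600bfb0c093", "00000001", "0a4f113b"
METHOD, URI = "GET", "/dir/index.html"

# The server holds this hash only; it cannot hand a password to anything else.
STORED_HA1 = ha1(USER, REALM, PASSWORD)


def client_request(password: str) -> str:
    """User-agent side: hash the typed password with the challenge data."""
    return digest_response(ha1(USER, REALM, password), METHOD, URI, NONCE, NC, CNONCE)


def check(password: str) -> bool:
    return server_verify(STORED_HA1, METHOD, URI, NONCE, NC, CNONCE,
                         client_request(password))


if __name__ == "__main__":
    print("response on the wire:", client_request(PASSWORD))
    print("correct password accepted:", check(PASSWORD))
    print("wrong password accepted:", check("circle of life"))
```

A keystore load is the opposite situation: the Java KeyStore needs the actual password, so a stored hash like `STORED_HA1` is of no use there.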