Hi Adam,
i know it has been a long time since I have asked this - the procedure you
suggested worked.
regards,
Florian
On 14/11/2017 16:34, Adam Petcher wrote:
On 11/13/2017 2:20 PM, Florian Bruckner (3kraft) wrote:
Hi,
have just stumbled upon a quite strange behavior in a SSL connection with a
client certificate.
Looks like your private key is BER encoded. I think this is supposed to be fine, but the code is
being a bit too strict and rejecting it. There was a change around 8u121 that added some more DER
enforcement. Can you try converting everything to DER to see if that clears up the problem? You
can do this with openssl e.g.:
openssl pkcs12 -in pkcs12-file -out key-and-cert -nodes -passin pass:abcXYZ
openssl pkcs12 -in key-and-cert -export -out new-pkcs12-file -passout
pass:abcXYZ
The JKS exception doesn't really provide a lot of information. It would be helpful if you could
import the DER-formatted PKCS#12 file back into JKS and let me know if that works.
