While trying to get Fuseki running over https I found this thread from February https://jena.markmail.org/message/2kqpd2tlinpdzpna?q=ssl+order:date-backward&page=1
1. I can confirm the provided xml works (tested on Fuseki 4.5.0) 2. I am having some issues generating the needed pkcs12 certificate file. a. When trying to generate a password-less pkcs12 file (openssl ... -passout pass:) Fuseki doesn't complain when loading it, but I always get SSL handshake errors and it doesn't work. b. When trying to generate with a password I get mixed results: OpenSSL 1.1.1f 31 Mar 2020 running on WSL2 Ubuntu 20.04 works fine. Fuseki loads the certificate and works like a charm. However, if I use OpenSSL 1.1.1o 3 May 2022 (running on docker-linuxserver/docker-swag:latest) I get a strange exception stacktrace: java.io.IOException: keystore password was incorrect at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source) ~[?:?] at sun.security.util.KeyStoreDelegator.engineLoad(Unknown Source) ~[?:?] at java.security.KeyStore.load(Unknown Source) ~[?:?] at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:49) ~[fuseki-server.jar:4.5.0] ... Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. ... 28 more I would appreciate any input to pinpoint and solve any or both issues above. Regards, Nikolaos Beredimas