Invalid keystores from Tomcat

cancel
Showing results for 
Search instead for 
Did you mean: 
bvictor
Active Member

Re: Invalid keystores from Tomcat

Jump to solution

Hi,

Which is this default "keystore"? I am installing the latest community version and i am getting the same error despite following the installation intsructions. I have tried teh alfresco-ssl-generator tool with no success. I have also copied the keystore directory that comes with the zip distibution to my alf_data directory but i keep on getting the following error:

 

org.alfresco.error.AlfrescoRuntimeException: 04150006 Keystores are invalid
at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:78)
at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:1)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:450)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:319)
at org.alfresco.encryption.EncryptionChecker.onBootstrap(EncryptionChecker.java:67)

..................................

Caused by: org.alfresco.error.AlfrescoRuntimeException: 04150005 Failed to create key: metadata
in key store:
Location: E:/alfresco-community7/alf_data/keystore/keystore
Provider: null
Type: pkcs12
at org.alfresco.encryption.AlfrescoKeyStoreImpl.createKey(AlfrescoKeyStoreImpl.java:664)
at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:915)
at org.alfresco.encryption.AlfrescoKeyStoreImpl.validateKeys(AlfrescoKeyStoreImpl.java:188)
at org.alfresco.encryption.KeyStoreChecker.validateKeyStores(KeyStoreChecker.java:49)
at org.alfresco.encryption.EncryptionChecker$1.execute(EncryptionChecker.java:73)
... 57 more
Caused by: org.alfresco.error.AlfrescoRuntimeException: 04150004 Unable to get secret key: no key information is provided
at org.alfresco.encryption.AlfrescoKeyStoreImpl.getSecretKey(AlfrescoKeyStoreImpl.java:775)
at org.alfresco.encryption.AlfrescoKeyStoreImpl.createKey(AlfrescoKeyStoreImpl.java:642)
... 61 more

 

sanjaybandhniya
Intermediate

Re: Invalid keystores from Tomcat

Jump to solution

Try Below Steps:

 

Example: assume that default keystore files are present in the below path:

C:/alfresco7/alf_data/keystore/metadata-keystore/keystore

To configure ACS 7 Tomcat 9 to use this default keystore file, you need to open

<tomcat 9_install_home_directory>/bin/catalina.bat.

 

Add the below line into catalina.bat (right under 'set JAVA_OPTS=' lines)

 

set “JAVA_TOOL_OPTIONS=-Dencryption.keystore.type=JCEKS -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding -Dencryption.keyAlgorithm=DESede -Dencryption.keystore.location=C:/alfresco7/alf_data/keystore/metadata-keystore/keystore -Dmetadata-keystore.password=mp6yc0UD9e -Dmetadata-keystore.aliases=metadata -Dmetadata-keystore.metadata.password=oKIWzVdEdA -Dmetadata-keystore.metadata.algorithm=DESede”

NoteSmiley Very Happyencryption.keystore.location=<your own keystore file location>

amberream
Member II

Re: Invalid keystores from Tomcat

Jump to solution

The link in the accepted solution is broken.  I'm stuck with the same error, "Invalid keystore format", after generating my keystores with the github project.