B4J Question [SOLVED] SSL and keystore password error

magi6162

Well-Known Member
Licensed User
my web app (ABM) on server (GCE) ubuntu 17.10
Run web app, with: sudo nohup java -jar myapp.jar > nohup.out &

nohup.out:
init mysql
Mar 02, 2018 11:31:22 AM com.mchange.v2.log.MLog
INFO: MLog clients using java 1.4+ standard logging.
Mar 02, 2018 11:31:22 AM com.mchange.v2.c3p0.C3P0Registry
INFO: Initializing c3p0-0.9.5.2 [built 08-December-2015 22:06:04 -0800; debug? true; trace: 10]
Collegamento al database
loading /home/magi6162: copymewithjar.needs...
Using cache system: 3.0
Needs material/awesome icons
2018-03-02 11:31:23.038:INFO::main: Logging initialized @1302ms to org.eclipse.jetty.util.log.StdErrLog
GZipping HTML, JavaScript and CSS files...
Optimizing new and updated PNG files...
Building core.min.1519990281928.css...
2018-03-02 11:31:23.601:INFO:eek:ejs.Server:main: jetty-9.4.z-SNAPSHOT
2018-03-02 11:31:23.660:INFO:eek:ejs.session:main: DefaultSessionIdManager workerName=node0
2018-03-02 11:31:23.660:INFO:eek:ejs.session:main: No SessionScavenger set, using defaults
2018-03-02 11:31:23.662:INFO:eek:ejs.session:main: Scavenging every 600000ms
2018-03-02 11:31:23.712:INFO:eek:ejsh.ContextHandler:main: Started o.e.j.s.ServletContextHandler@48524010{/,file:///home/magi6162/www/,AVAILABLE}
2018-03-02 11:31:23.714:INFO:eek:ejs.AbstractNCSARequestLog:main: Opened /home/magi6162/logs/b4j-2018_03_02.request.log
2018-03-02 11:31:23.731:INFO:eek:ejs.AbstractConnector:main: Started ServerConnector@15f807b7{HTTP/1.1,[http/1.1]}{0.0.0.0:51045}
abmapplication._vvvvvvvvvvvv6 (java line: 508)
java.io.IOException: Keystore was tampered with, or password was incorrect <<<<< what?
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1018)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:253)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:220)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:72)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:270)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:431)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at anywheresoftware.b4j.object.ServerWrapper.Start(ServerWrapper.java:211)
at mc.jw.jwval.abmapplication._vvvvvvvvvvvv6(abmapplication.java:508)
at mc.jw.jwval.main._appstart(main.java:191)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:90)
at anywheresoftware.b4a.BA.raiseEvent(BA.java:77)
at mc.jw.jwval.main.main(main.java:29)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
... 31 more

main.main (java line: 29)
java.lang.RuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:119)
at anywheresoftware.b4a.BA.raiseEvent(BA.java:77)
at mc.jw.jwval.main.main(main.java:29)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1018)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:253)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:220)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:72)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:270)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:431)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at anywheresoftware.b4j.object.ServerWrapper.Start(ServerWrapper.java:211)
at mc.jw.jwval.abmapplication._vvvvvvvvvvvv6(abmapplication.java:508)
at mc.jw.jwval.main._appstart(main.java:191)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:90)
... 2 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
... 31 more
 

magi6162

Well-Known Member
Licensed User
Some doubts come to me for password management, here:
B4X:
Private Sub ConfigureSSL (SslPort As Int)
    'example of SSL connector configuration
    Dim ssl As SslConfiguration
    ssl.Initialize
    ssl.SetKeyStorePath(File.DirApp & "/cert", "mysite.keystore") 'path to keystore file
    ssl.KeyStorePassword = "123456789"
    ssl.KeyManagerPassword = "987654321"
    srvr.SetSslConfiguration(ssl, SslPort)
    'add filter to redirect all traffic from http to https (optional)
    srvr.AddFilter("/*", "HttpsFilter", False)
End Sub
I'm not sure I entered the right password.
 
Last edited:

magi6162

Well-Known Member
Licensed User
Last edited:

magi6162

Well-Known Member
Licensed User
ssl.KeyStorePassword = "123456789" <<< password used in #6
ssl.KeyManagerPassword = "987654321" <<< password used in #7

correct?
 

Alexander Stolte

Well-Known Member
Licensed User
use this:
"Loading Keys and Certificates via PKCS12"

B4X:
openssl pkcs12 -inkey jetty.key -in jetty.crt -export -out jetty.pkcs12

keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore[/SIZE]

"jetty.key" is your private key and "jetty.crt" is the .cer file.
 

magi6162

Well-Known Member
Licensed User
magi6162@web-server:~/cert$ openssl pkcs12 -inkey www.mysite.it_private_key.key -in www.mysite.it_ssl_certificate.cer -export -out www.mysite.i
t.pkcs12
Enter Export Password: (ssl.KeyStorePassword)
Verifying - Enter Export Password:
magi6162@web-server:~/cert$ keytool -importkeystore -srckeystore www.mysite.it.pkcs12 -srcstoretype PKCS12 -destkeystore mysite.it.keystore
Importing keystore www.mysite.it.pkcs12 to mysite.it.keystore...
Enter destination keystore password: (ssl.KeyManagerPassword)
Re-enter new password:
Enter source keystore password: (ssl.KeyStorePassword)
Entry for alias 1 successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeys
tore -srckeystore mysite.it.keystore -destkeystore mysite.it.keystore -deststoretype pkcs12".
Is that OK?
 

magi6162

Well-Known Member
Licensed User
nothing!!

ServerPort 51045
SSL port 443
run web app with: sudo nohup java -jar myapp.jar > nohup.out

B4X:
Private Sub ConfigureSSL (SslPort As Int)
    'example of SSL connector configuration
    Dim ssl As SslConfiguration
    ssl.Initialize
    ssl.SetKeyStorePath(File.DirApp & "/cert", "mysite.it.keystore") 'path to keystore file
    ssl.KeyStorePassword = "123456789"
    ssl.KeyManagerPassword = "987654321"
    srvr.SetSslConfiguration(ssl, SslPort)
    'add filter to redirect all traffic from http to https (optional)
    srvr.AddFilter("/*", "HttpsFilter", False)
End Sub
nohup.out:
init mysql
Mar 02, 2018 3:19:37 PM com.mchange.v2.log.MLog
INFO: MLog clients using java 1.4+ standard logging.
Mar 02, 2018 3:19:37 PM com.mchange.v2.c3p0.C3P0Registry
INFO: Initializing c3p0-0.9.5.2 [built 08-December-2015 22:06:04 -0800; debug? true; trace: 10]
Collegamento al database
loading /home/magi6162: copymewithjar.needs...
Using cache system: 3.0
Needs material/awesome icons
2018-03-02 15:19:38.684:INFO::main: Logging initialized @1311ms to org.eclipse.jetty.util.log.StdErrLog
GZipping HTML, JavaScript and CSS files...
Optimizing new and updated PNG files...
Building core.min.1520003977567.css...
2018-03-02 15:19:39.308:INFO:eek:ejs.Server:main: jetty-9.4.z-SNAPSHOT
2018-03-02 15:19:39.358:INFO:eek:ejs.session:main: DefaultSessionIdManager workerName=node0
2018-03-02 15:19:39.359:INFO:eek:ejs.session:main: No SessionScavenger set, using defaults
2018-03-02 15:19:39.360:INFO:eek:ejs.session:main: Scavenging every 600000ms
2018-03-02 15:19:39.423:INFO:eek:ejsh.ContextHandler:main: Started o.e.j.s.ServletContextHandler@3b2da18f{/,file:///home/magi6162/www/,AVAILABLE}
2018-03-02 15:19:39.425:INFO:eek:ejs.AbstractNCSARequestLog:main: Opened /home/magi6162/logs/b4j-2018_03_02.request.log
2018-03-02 15:19:39.439:INFO:eek:ejs.AbstractConnector:main: Started ServerConnector@13be7f5d{HTTP/1.1,[http/1.1]}{0.0.0.0:51045}
abmapplication._vvvvvvvvvvvv6 (java line: 510)
java.io.IOException: Keystore was tampered with, or password was incorrect <<< error Which password should I use?
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1018)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:253)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:220)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:72)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:270)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:431)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at anywheresoftware.b4j.object.ServerWrapper.Start(ServerWrapper.java:211)
at mc.jw.jwval.abmapplication._vvvvvvvvvvvv6(abmapplication.java:510)
at mc.jw.jwval.main._appstart(main.java:191)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:90)
at anywheresoftware.b4a.BA.raiseEvent(BA.java:77)
at mc.jw.jwval.main.main(main.java:29)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
... 31 more

main.main (java line: 29)
java.lang.RuntimeException: java.io.IOException: Keystore was tampered with, or password was incorrect
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:119)
at anywheresoftware.b4a.BA.raiseEvent(BA.java:77)
at mc.jw.jwval.main.main(main.java:29)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:52)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1018)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:253)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:220)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:72)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:270)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:431)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at anywheresoftware.b4j.object.ServerWrapper.Start(ServerWrapper.java:211)
at mc.jw.jwval.abmapplication._vvvvvvvvvvvv6(abmapplication.java:510)
at mc.jw.jwval.main._appstart(main.java:191)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:90)
... 2 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
... 31 more
help me, please.
Now I do not understand anything anymore:confused:
 
Last edited:
Top