Hi everybody,
I’m trying to use a Trial SSL from Thawte to try SSL with Servoy.
I have generated 2 different certificates from their website using the same .csr file: one standard and one PKCS7
Then I have tried to import the standard certificate into my keystore using the same alias as the keystore one:
keytool -import -alias mykey -keystore myks.ks -trustcacerts -file trial-standard.crt
I got the following error:
keytool error: java.lang.Exception: Failed to establish chain from reply
Then I have tried to import the PKCS7 certificate into a copy of the original keystore (not the one I tried to import to previously) using also the same alias as the keystore one:
keytool -import -alias mykey -keystore myks.ks -trustcacerts -file trial-pkcs7.crt
This time I got a question but it worked and the import seemed to be done:
Top-level certificate in reply:
Owner: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR
TESTING PURPOSES ONLY, C=ZA
Issuer: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FO
R TESTING PURPOSES ONLY, C=ZA
Serial number: 0
Valid from: Thu Aug 01 01:00:00 BST 1996 until: Thu Dec 31 21:59:59 GMT 2020
Certificate fingerprints:
MD5: 5E:E0:0E:1D:17:B7:CA:A5:7D:36:D6:02:DF:4D:26:A4
SHA1: 39:C6:9D:27:AF:DC:EB:47:D6:33:36:6A:B2:05:F1:47:A9:B4:DA:EA
Signature algorithm name: MD5withRSA
Version: 3Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]… is not trusted. Install reply anyway? [no]: yes
Certificate reply was installed in keystore
So I have copied this keystore into server/conf/keystore/ (by the way I had to create the folder “keystore” as it didn’t exist)
Then I entered the SSL details into the administration page to get this details in servoy.properties file:
SocketFactory.compress=true
SocketFactory.useSSL=true
SocketFactory.SSLKeystorePassphrase=******** (Password used when creating the keystore)
SocketFactory.SSLKeystorePath=C\:\\Program Files (x86)\\Servoy\\application_server\\server\\conf\\keystore\\myks.ks
SocketFactory.useTwoWaySocket=true
But with this configuration the server doesn’t restart and get this error in .service_log.txt
STATUS | wrapper | 2009/08/05 11:10:58 | → Wrapper Started as Service
STATUS | wrapper | 2009/08/05 11:10:59 | Launching a JVM…
INFO | jvm 1 | 2009/08/05 11:10:59 | Wrapper (Version 3.1.2) http://wrapper.tanukisoftware.org
INFO | jvm 1 | 2009/08/05 11:10:59 |
INFO | jvm 1 | 2009/08/05 11:11:00 | 1 [WrapperSimpleAppMain] ERROR com.servoy.j2db.util.Debug - Throwable
INFO | jvm 1 | 2009/08/05 11:11:00 | javax.crypto.BadPaddingException: Given final block not properly padded
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.sun.crypto.provider.SunJCE_f.b(DashoA13*…)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.sun.crypto.provider.SunJCE_f.b(DashoA13*…)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.sun.crypto.provider.DESedeCipher.engineDoFinal(DashoA13*…)
INFO | jvm 1 | 2009/08/05 11:11:00 | at javax.crypto.Cipher.doFinal(DashoA13*…)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.util.Settings.load(Settings.java:120)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.util.Settings.loadFromFile(Settings.java:57)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.server.ApplicationServer.main(ApplicationServer.java:269)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at java.lang.reflect.Method.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:136)
INFO | jvm 1 | 2009/08/05 11:11:00 | at java.lang.Thread.run(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 |
INFO | jvm 1 | 2009/08/05 11:11:00 | WrapperSimpleApp: Encountered an error running main: java.io.IOException: Given final block not properly padded
INFO | jvm 1 | 2009/08/05 11:11:00 | java.io.IOException: Given final block not properly padded
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.util.Settings.load(Settings.java:141)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.util.Settings.loadFromFile(Settings.java:57)
INFO | jvm 1 | 2009/08/05 11:11:00 | at com.servoy.j2db.server.ApplicationServer.main(ApplicationServer.java:269)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at java.lang.reflect.Method.invoke(Unknown Source)
INFO | jvm 1 | 2009/08/05 11:11:00 | at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:136)
INFO | jvm 1 | 2009/08/05 11:11:00 | at java.lang.Thread.run(Unknown Source)
STATUS | wrapper | 2009/08/05 11:11:02 | on_exit trigger matched. Restarting the JVM. (Exit code: 1)
STATUS | wrapper | 2009/08/05 11:11:06 | Launching a JVM…
So what should I do?