0

In localhost, with an auto-generate certificate, I have access to my API in HTTPS. On the other hand, on my VPS, with the certificate provided by my host, I get errors. I guess the problem must come from the conversion of the certificate provided in .cer to the version in .p12, since my code remains unchanged from the localhost version and in the version on the VPS.

Here are the errors generated

Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed at org.apache.catalina.connector.Connector.startInternal(Connector.java:1075) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) at org.apache.catalina.core.StandardService.addConnector(StandardService.java:234) ... 18 more Caused by: java.lang.IllegalArgumentException: Alias name [springboot] does not identify a key entry at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107) at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:234) at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1227) at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1313) at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:614) at org.apache.catalina.connector.Connector.startInternal(Connector.java:1072) ... 20 more Caused by: java.io.IOException: Alias name [springboot] does not identify a key entry at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:337) at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)

And here is the HTTPS configuration in spring-boot

server.ssl.enabled=true
server.ssl.key-alias=springboot
server.ssl.key-store=classpath:files/cert/springboot-mooddraw-com.p12
#server.ssl.key-store=classpath:files/cert/springboot-localhost.p12
server.ssl.key-store-type=pkcs12
server.ssl.key-store-password=cxcxvd
server.ssl.key-password=cxcxvd

thank you in advance for your help

Stéphanie Vincart
  • 1
  • 1
  • "Alias name [springboot] does not identify a key entry" – Olivier Jul 15 '22 at 10:05
  • Thanks, I can read but it doesn't tell me the solution. When converting the certificate I gave springboot as an alias using the following command: `keytool -import -alias springboot -file myCertificate.crt -keystore springboot.p12 -storepass password` And when registering in the cacerts of the server I also put springboot as an alias using the following command: `keytool -importcert -file myCertificate.crt -alias springboot -keystore $JDK_HOME/jre/lib/security/cacerts` And yet I have an unrecognized alias error so where can I find the correct alias? – Stéphanie Vincart Jul 15 '22 at 12:01
  • Which version of springboot are you using? – b.s Jul 15 '22 at 12:30
  • What is missing is the **key**. You only put the certificate. See [this](https://stackoverflow.com/a/8224863/12763954) for an example on how to create a .p12 store with openssl containing both a key and a certificate. – Olivier Jul 15 '22 at 12:55
  • Thank you Olivier, Indeed, by recreating the .p12 according to the procedure linked to your message, it worked. – Stéphanie Vincart Jul 18 '22 at 08:24

1 Answers1

0

Replace the statement server.ssl.key-alias=springboot with server.ssl.keyAlias=springboot. If you also face the issue with key store type then replace the server.ssl.key-store-type=pkcs12 with server.ssl.keyStoreType=PKCS12.

b.s
  • 2,409
  • 2
  • 16
  • 26