Ask Your Question
0

issue using mutual SSL with http client

asked 2018-10-18 09:19:46 -0600

Rene G. gravatar image

Want to call Webservice having P12-Softtoken with private key and certificate from customer, cURL-call using this succesfull.

Configured Origin Http-client using mutual SSL in StreamSets:

1st try: Using PKCS-12(P12)-keystorefile I get validation error "HTTP Client 1 TLS_23 - Error attempting to initialize key store with key manager: Get Key failed: java.security.InvalidKeyException: Invalid RSA private key : conf.tlsConfig.keyStoreFilePath"

2nd try: Converting P12 to JKS-Keystore using keytool. Validation ok, but on preview I get "com.streamsets.pipeline.api.StageException: HTTP_32 - Error executing request: javax.net.ssl.SSLHandshakeException: Error signing certificate verify....Caused by: java.security.InvalidKeyException: No installed provider supports this key: sun.security.pkcs.PKCS8Key..."

Any ideas for further investigation, what to check/to do?

edit retag flag offensive close merge delete

Comments

Could you share your commands to generate those keystorefiles. Did you validate they exist in the path with right permissions?

kranthi gravatar imagekranthi ( 2018-10-25 07:11:40 -0600 )edit

Meanwhile I found out, that key in the keystore was in PKCS8 format, not in PKCS12 as expected. So I recreated the keystore with OpenSSL (means export key and certs, remove passphrase from exported key, create new keystore in P12-format) and afterwords it worked smoothly. Thanks for your help.

Rene G. gravatar imageRene G. ( 2018-10-30 09:47:23 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted
1

answered 2018-10-30 09:53:49 -0600

Rene G. gravatar image

Meanwhile I found out, that key in keystore was saved in PKCS8 format, not PKCS12 as expected. So I recreated the keystore with OpenSSL (means export key and certs, remove passphrase from exported key, create new keystore in P12-format) and afterwords it worked smoothly. Cheers Rene

edit flag offensive delete link more
Login/Signup to Answer

Question Tools

1 follower

Stats

Asked: 2018-10-18 09:19:46 -0600

Seen: 17 times

Last updated: Oct 30