Web Dashboard - SSL Certificates not working for Web Dashboard
Related topics Copied
Web Dashboard, SSL certificate, Enabling SSL
Problem Copied
I cannot get SSL to work with Web Dashbaord
Possible causes Copied
- Root Cause 1 - Getting
keytool error: java.io.IOException: Invalid keystore formatorkeytool error: java.io.IOException: DerInputStream.getLength(): lengthTag=XX, too big. - Root Cause 2 - Getting
keytool error: java.io.IOException: keystore password was incorrect - Root Cause 3 - Getting error
SSLConnector:connect: SSL i/o error:[5] ret=-1 errno=0
Possible solutions Copied
- Solution to Root Cause 1 - Check that the certificate is PKCS12. To check the format of the original security file, you can use KeyStore Explorer to open the file. The left bottom bar will show the actual format.
If the certificate is not in PKCS12 format, the certificate must be converted to PKCS12 format using our utilities.
Please follow the exact steps stated in the section Adding a Certificate and Private Key to the keystore and make sure your security.properties files is configured to be using PKCS12:
-
Solution to Root Cause 2 - Your password or passphrase in the keystore/certificate might contain unsupported characters as mentioned in the How to solve “keytool error: java.io.IOException: keystore password was incorrect” due to unsupported characters article.
-
Solution to Root Cause 3 - This is due to trying to run two instances (unsecure and secure) trying to use the same port number.Your secure port is defined in your security.properties files. Your insecure is defined in the
geneoswsscript. Your insecure and secure ports must be configured in different ports.
If you want to disable insecure connections, comment out that setting in geneosws.
For more information on secure and insecure communications between Geneos components, see SSL documentation.