open-eid / digidoc4j

DigiDoc for Java. Javadoc:
http://open-eid.github.io/digidoc4j
GNU Lesser General Public License v2.1

Recognition of the PKCS12 certs #107

Closed rihoe closed 2 years ago

rihoe commented 2 years ago

java.lang.IllegalStateException: Failed to load key-store from: /sb/sys/config/insurnc/certs/cert_EE.p12
    at org.digidoc4j.utils.KeyStoreDocument.loadKeyStoreFromRawBytes(KeyStoreDocument.java:127) ~[digidoc4j.jar:?]
    …
Caused by: java.io.IOException: Invalid keystore format
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) ~[?:1.8.0_25]
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) ~[?:1.8.0_25]
    at java.security.KeyStore.load(KeyStore.java:1433) ~[?:1.8.0_25]

The system tries to load the P12 file as JKS and fails. I haven't found a way to force it to recognize the correct type.

naare commented 2 years ago

Hello,

Are you trying to set the LOTL signers truststore: configuration.setTslKeyStoreLocation("location");? In that case only the JKS type is currently supported. In the next release this will be changed: the default type is switched to p12 and an option to set the truststore type is also added. If you are trying to set some other truststore, then they should have a possibility to set the truststore type either already.

Current workaround is to switch your truststore from p12 to jks.

rihoe commented 2 years ago

I got over it by updating from Java 8 to 11. The problem was probably caused by using a too old 1.8 JDK (pre 1.8.0_60): https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8062552 - here my issue was fixed, but our server had a too old 1.8 release.
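
Added example, not part of the thread and not digidoc4j code: one way to avoid the "Invalid keystore format" failure above is to pick the keystore type from the file's leading bytes and pass it explicitly to `KeyStore.getInstance`, instead of relying on a JKS default. The class and method names (`KeyStoreTypeSniffer`, `detectType`, `load`, `emptyStore`) and the password are assumptions made for this illustration; the sample keystores are constructed in memory.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

// Hypothetical helper for illustration; not part of digidoc4j.
public class KeyStoreTypeSniffer {

    /** Guess the keystore type from its leading bytes. */
    static String detectType(byte[] raw) throws IOException {
        if (raw.length < 4) throw new IOException("Too short to be a keystore");
        int magic = ((raw[0] & 0xFF) << 24) | ((raw[1] & 0xFF) << 16)
                  | ((raw[2] & 0xFF) << 8) | (raw[3] & 0xFF);
        if (magic == 0xFEEDFEED) return "JKS";    // JKS magic number
        if (magic == 0xCECECECE) return "JCEKS";  // JCEKS magic number
        // PKCS#12 (PFX) is DER-encoded and starts with a SEQUENCE tag.
        // Heuristic only: other DER files also start with 0x30, so the
        // subsequent load() is what actually validates the content.
        if ((raw[0] & 0xFF) == 0x30) return "PKCS12";
        throw new IOException("Unrecognized keystore format");
    }

    /** Load with the detected type instead of relying on a default. */
    static KeyStore load(byte[] raw, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance(detectType(raw));
        ks.load(new ByteArrayInputStream(raw), password);
        return ks;
    }

    // Constructed sample input: an empty keystore of the given type.
    static byte[] emptyStore(String type, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        ks.load(null, password);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, password);
        return out.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "changeit".toCharArray(); // constructed password
        for (String type : new String[] {"JKS", "PKCS12"}) {
            KeyStore ks = load(emptyStore(type, pw), pw);
            System.out.println(type + " bytes -> loaded as " + ks.getType());
        }
    }
}
```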