Open rbeckman-nextgen opened 4 years ago
Also see MIRTH-4223
Imported Comment. Original Details: Author: cschultz@chadis.com Created: 2018-12-12T17:24:23.000-0800
This is useful reading, and the history is fairly amusing: https://neilmadden.blog/2017/11/17/java-keystores-the-gory-details/
Imported Comment. Original Details: Author: cschultz@chadis.com Created: 2019-12-13T07:02:36.000-0800
I created a new keystore today because my old certificate had expired. I decided to switch to PKCS12 because the Java-specific keystore formats are being phased-out of the Java ecosystem.
I created my key and certificate and packaged them into a PKCS12 keystore. I edited conf/mirth.properties and set the correct filename and
keystore.type=PKCS12
.When starting Mirth Connect, I got errors for both initializing the web server and initializing the "security settings" with a stack trace including
com.sun.crypto.provider.JceKeyStore.engineLoad
. I tried a few things but could not get Mirth to load the keystore in PKCS12 format.I converted the PKCS12 keystore into JKS format (and changed the keystore.type config setting) and restarted Mirth. This allowed Mirth to load, but it seems that Mirth will re-package the keystore into a JCEKS keystore when adding the "encryption" SecretKey.
So it seems that only JCEKS keystores are supported.
Imported Issue. Original Details: Jira Issue Key: MIRTH-4282 Reporter: cschultz@chadis.com Created: 2018-05-30T08:15:36.000-0700