javasslpasswordskeystoreejbca

Java exception client authentication TLS: password must not be null

I wrote this code to communicate with ejbca server (JBoss 5.1.0.GA-jdk6, EJBCA 4.0.10 and openjdk-6-jdk ):

CryptoProviderTools.installBCProvider();    
String urlstr = "https://ejbca05:8443/ejbca/ejbcaws/ejbcaws?wsdl";

System.setProperty("javax.net.ssl.trustStore","C:\\Users\\l.\\keystore.jks"); 
System.setProperty("javax.net.ssl.trustStorePassword","provae"); 
System.setProperty("javax.net.ssl.keyStore","C:\\Users\\l.\\keystore.jks");
System.setProperty("javax.net.sslews.keyStorePassword","provae"); 
QName qname = new QName("http://ws.protocol.core.ejbca.org/", "EjbcaWSService");
EjbcaWSService service = null;
try {
    service = new EjbcaWSService(new URL(urlstr),qname);
} catch (MalformedURLException e) {
    // TODO Auto-generated catch block
    System.out.println("errore nell'url");
}
EjbcaWS ejbcaraws = service.getEjbcaWSPort();

but I have this exception:

Exception in thread "main" javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://ejbca05:8443/ejbca/ejbcaws/ejbcaws?wsdl. It failed with: 
    Got java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext) while opening stream from https://ejbca05:8443/ejbca/ejbcaws/ejbcaws?wsdl.
    at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:173)
..........
.......
Caused by: java.security.UnrecoverableKeyException: Password must not be null
    at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:124)
    at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55)
    at java.security.KeyStore.getKey(KeyStore.java:792)

The keystore is superadmin.p12 converted to jks. I have also tried with other keystore created with ejbca or with keytool but i get the same error. Anyone know why?

Solution

  • using this code seems to work

    String urlstr = "https://ejbca05.prv:8443/ejbca/ejbcaws/ejbcaws?wsdl";
        System.setProperty("javax.net.ssl.trustStore","C:/Users/l./Downloads/truststore.jks");
        System.setProperty("javax.net.ssl.trustStorePassword","provae");
        System.setProperty("javax.net.ssl.keyStore","C:/Users/l./Downloads/superadmin.p12");
        System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
        System.setProperty("javax.net.ssl.keyStorePassword","provae");

    maybe converting p12 to jks keystore was not working properly.

    EDIT: it is possible convervet to jks with this command

    keytool -importkeystore -srckeystore [MY_FILE.p12] -srcstoretype pkcs12
 -srcalias [ALIAS_SRC] -destkeystore [MY_KEYSTORE.jks]
 -deststoretype jks -deststorepass [PASSWORD_JKS] -destalias [ALIAS_DEST]