I have a working Spring Boot application. I configure it to run in SSL mode as follows:
server.port: 8443
server.ssl.enabled: true
server.ssl.key-store: classpath:keystore.pkcs12
server.ssl.key-store-password: password
server.ssl.key-store-type: pkcs12
server.ssl.client-auth: none
This configuration works for a similar Spring Boot application with the exact same keystore.
It throws the following exception:
2022-02-15 15:33:15.636 [] WARN o.s.b.w.s.c.AnnotationConfigServletWebServerApplicationContext - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
2022-02-15 15:33:15.711 [] ERROR o.s.b.SpringApplication - Application run failed
Caused by: java.io.EOFException
    at sun.security.util.IOUtils.readExactlyNBytes(Unknown Source) ~[?:?]
    at sun.security.util.DerValue.init(Unknown Source) ~[?:?]
    at sun.security.util.DerValue.<init>(Unknown Source) ~[?:?]
    at sun.security.util.DerValue.<init>(Unknown Source) ~[?:?]
    at sun.security.pkcs12.PKCS12KeyStore.engineLoad(Unknown Source) ~[?:?]
    at sun.security.util.KeyStoreDelegator.engineLoad(Unknown Source) ~[?:?]
    at java.security.KeyStore.load(Unknown Source) ~[?:?]
    at org.apache.tomcat.util.security.KeyStoreUtil.load(KeyStoreUtil.java:69) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:215) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:207) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:281) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:231) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1208) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1294) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:614) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1072) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:234) ~[tomcat-embed-core-9.0.52.jar:9.0.52]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:282) ~[spring-boot-2.5.4.jar:2.5.4]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:213) ~[spring-boot-2.5.4.jar:2.5.4]
    at org.springframework.boot.web.servlet.context.WebServerStartStopLifecycle.start(WebServerStartStopLifecycle.java:43) ~[spring-boot-2.5.4.jar:2.5.4]
    at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:178) ~[spring-context-5.3.9.jar:5.3.9]
    ... 14 more
Answer
Apparently, this exception happens when you target a directory instead of the actual Keystore file:
server.ssl.key-store: classpath:keystore/
Instead of
server.ssl.key-store: classpath:keystore/keystore.pkcs12
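
A pre-flight check for the situation described in the answer, as an added example (not code from the original post or from Spring Boot): it resolves a classpath: location with plain JDK calls, reports a directory or a missing resource explicitly, and only then attempts the same KeyStore.load call that appears in the stack trace. The class name KeyStorePreflight, the check method and its diagnosis strings are hypothetical, and handling only the classpath: prefix is an assumption of the example.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Collections;
// Added example: pre-flight check for a server.ssl.key-store value (plain JDK, not Spring Boot code).
public class KeyStorePreflight {
    // Returns a diagnosis string; starts with "OK" only when the store loads and holds a private key.
    static String check(String location, String type, char[] password) {
        // Assumption: only the "classpath:" prefix is handled, resolved through this class's loader.
        if (!location.startsWith("classpath:")) {
            return "UNSUPPORTED: this example only resolves classpath: locations";
        }
        String name = location.substring("classpath:".length());
        if (name.isEmpty() || name.endsWith("/")) {
            return "DIRECTORY: '" + location + "' names a directory, not a keystore file";
        }
        URL url = KeyStorePreflight.class.getClassLoader().getResource(name);
        if (url == null) {
            return "MISSING: no classpath resource named '" + name + "'";
        }
        try {
            // On an exploded classpath a directory can also resolve without a trailing slash.
            if ("file".equals(url.getProtocol()) && Files.isDirectory(Paths.get(url.toURI()))) {
                return "DIRECTORY: " + url + " is a directory, not a keystore file";
            }
            KeyStore ks = KeyStore.getInstance(type);
            try (InputStream in = url.openStream()) {
                ks.load(in, password); // the JDK call that fails in the stack trace above
            }
            for (String alias : Collections.list(ks.aliases())) {
                if (ks.isKeyEntry(alias)) return "OK: key entry '" + alias + "' in " + url;
            }
            return "NO_KEY: " + url + " loads but holds no private key entry";
        } catch (IOException e) { // EOFException lands here, as does a wrong store password
            return "UNREADABLE: " + e;
        } catch (Exception e) {
            return "ERROR: " + e;
        }
    }

    public static void main(String[] args) {
        char[] pw = "password".toCharArray(); // value from the question's configuration
        System.out.println(check("classpath:keystore/", "pkcs12", pw));
        System.out.println(check("classpath:keystore/keystore.pkcs12", "pkcs12", pw));
    }
}
```

Run it with the application's resources directory on the classpath; the first call reports DIRECTORY and the second reports OK only when keystore/keystore.pkcs12 is actually present and loadable.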