I am trying to use a self signed certificate, generated using http://docs.tigase.org/tigase-server/5.3.0/adminguide/#_server_certificates, to start the XMPP server. However, the server does not start logging the below mentioned exception error in logs/tigase-console.log
SSLContextContainer.init() WARNING: Cannot load certficate from file: certs/tigase.mydomain.crt java.security.KeyStoreException: Cannot store non-PrivateKeys at sun.security.provider.JavaKeyStore.engineSetKeyEntry(JavaKeyStore.java:250) at sun.security.provider.JavaKeyStore$JKS.engineSetKeyEntry(JavaKeyStore.java:55) at java.security.KeyStore.setKeyEntry(KeyStore.java:909) at tigase.io.SSLContextContainer.addCertificateEntry(SSLContextContainer.java:199) at tigase.io.SSLContextContainer.init(SSLContextContainer.java:421) at tigase.io.TLSUtil.configureSSLContext(TLSUtil.java:89) at tigase.conf.ConfiguratorAbstract.setProperties(ConfiguratorAbstract.java:815) at tigase.conf.ConfiguratorAbstract.setup(ConfiguratorAbstract.java:550) at tigase.conf.ConfiguratorAbstract.componentAdded(ConfiguratorAbstract.java:182) at tigase.conf.Configurator.componentAdded(Configurator.java:50) at tigase.conf.Configurator.componentAdded(Configurator.java:33) at tigase.server.AbstractComponentRegistrator.addComponent(AbstractComponentRegistrator.java:115) at tigase.server.MessageRouter.addRegistrator(MessageRouter.java:141) at tigase.server.MessageRouter.setConfig(MessageRouter.java:696) at tigase.server.XMPPServer.start(XMPPServer.java:142) at tigase.server.XMPPServer.main(XMPPServer.java:112)
What seems to have gone wrong here. I tried to generate the private key with and without password but I get this same exception.
Files placed in the certs/
directory are client_truststore
, keystore
, rsa-keystore
, tigase.mydomain.crt
, tigase.mydomain.csr
, tigase.mydomain.key
, tigase.mydomain.pem
and truststore
I used openssl req -nodes -new -newkey rsa:2048 -keyout tigase.mydomain.key -out tigase.mydomain.csr
to generate the .key
and .csr
.
I used openssl x509 -req -days 365 -in tigase.mydomain.csr -signkey tigase.mydomain.key -out tigase.mydomain.crt
to generate the .crt
I used cat tigase.mydomain.crt tigase.mydomain.key > tigase.mydomain.pem
to generate the .pem
Am I doing something wrong in generating the key, certificate?
What I want to achieve is that use my self signed certificate because the client will also belong to me.
Your help is much appreciated.
PS:
I am using the latest code from the master branch that I pulled from the git repository. Compiling this code give the version = 5.3.0
Using open JDK 7
Thanks.