AnsweredAssumed Answered

Secure Proxy Server - Failed to load Java keystore (SSL)

Question asked by wasja02 Employee on Aug 17, 2018
Latest reply on Aug 22, 2018 by Hubert Dennis

I am trying to import a signed certificate so that SPS can communicate with https on the backend server and I am receiving a "Failed to load keystore" error in the server.log. (see attachment)


I am assuming that one error is preventing me from using https. 


Any ideas on what could be wrong or step that I may have missed to complete the SSL process for the keystore to be loaded properly?


I have performed the following steps...


1. Create the Cert Request

cd <install-dir>\SSL

..\bin\openssl req -out client2-CSR.csr -new -newkey rsa:2048 -nodes -keyout client2-privateKey.key -config ..\bin\openssl.cnf


2. Sign the Request

CSR was signed by CA

Convert cert to DER encoding

..\bin\openssl x509 –in client2-Cert_x509.pem -out client2-Cert_x509.cer -outform der


3. Convert private key to encrypted pkcs#8 DER encoding

..\bin\openssl.exe pkcs8 -in client2-privateKey.key -topk8 -v2 des3 -out client2-privateKey-DER.key -outform DER


4. Put files in right location:

     Place DER encoded client cert in :  <install-dir>\SSL\clientcert\certs\



     Place encrypted DER encoded private key in :  <install-dir>\SSL\clientcert\key\


5. Generate Encrypted Password for server.conf file:

cd <install-dir>\SSL\bin password

Encrypted string: U2FsdGVkX18VcMWDmBEJG7CL2edypl03V6Ig1F3gON4=


6. Modify the server.conf file :





7. Restart SPS and check the server.log file: 

failed to load keystore