How to run jetty server in SSL mode using PKCS12 keystore?

Question

I am trying to run jetty web server in SSL mode using PKCS12 keystore. The code is as follows:

import org.mortbay.jetty.Server;
import org.mortbay.jetty.security.SslSelectChannelConnector;

class MyClass
{
   public static void main(String[] args)
   {
       Server server = new Server();
       SslSelectChannelConnector connector = new SslSelectChannelConnector();
       connector.setKeystore(keyStore);
       connector.setKeyPassword(keyPass);
       connector.setKeystoreType("PKCS12");
       server.addConnector(connector);
       server.start();
   }
}

Jetty is able to run correctly. But when I try to connect to jetty using https in a web browser, I get the following message. javax.net.ssl.SSLHandshakeException: no cipher suites in common

But if I use a JKS keystore file, I am able to connect to jetty server using https. Can anyone tell me what could be the problem or what things need to be taken care while using keystore types other than JKS.

Answer 1

There are two passwords to use a private key from a KeyStore: the store password and the key password. For PKCS#12 keystores, the password is the same for the store and the key.

The keystore's password is set via setPassword(String) in SslSelectChannelConnector. Try adding this:

connector.setPassword(keyPass);