Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error sending mail: Invalid keystore format

thenetstriker
Champ in-the-making
Champ in-the-making

‎12-22-2014 10:19 AM

I've configured my Alfresco (5.0.c) installation to send mails over smtp.office365.com, but I get errors regarding the java keystore.

The exception is very long, so I've uploaded it to pastebin: http://pastebin.com/bfX64aVF

At the bottom of the exception is the interesting part:

Caused by: java.io.IOException: Invalid keystore format
   at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source)
   at sun.security.provider.JavaKeyStore$JKS.engineLoad(Unknown Source)
   at java.security.KeyStore.load(Unknown Source)
   at sun.security.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(Unknown Source)
   at sun.security.ssl.SSLContextImpl$DefaultSSLContext.getDefaultTrustManager(Unknown Source)
   at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(Unknown Source)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
   at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
   at java.lang.reflect.Constructor.newInstance(Unknown Source)
   … 117 more

My cacerts keystore is in JCEKS format. I think for some reason Alfresco tries to load the keystore in a different format.
I've already tried to set the JAVA_OPTS in setenv.sh, but that didn't make any difference:
JAVA_OPTS="-Djavax.net.ssl.keyStoreType=JCEKS $JAVA_OPTS "

How can I solve this problem?
Labels:
0 Kudos
1 REPLY 1

zydoon
Champ on-the-rise
Champ on-the-rise

‎12-30-2014 01:41 PM

First you'll need to import the SMTP TLS certificate into the "truststore"
second, you tell tomcat what is the store type and it's path
in RHEL installation: /etc/sysconfig/tomcat
JAVA_OPTS="…some..staff…. -Djavax.net.ssl.trustStore=/var/lib/alfresco/keystore/ssl.truststore -Djavax.net.ssl.trustStoreType=JCEKS -Djavax.net.ssl.trustStorePassword=some_password …..something..else…  "


I do have this in alfresco-global.properties
alfresco.encryption.ssl.keystore.location=${dir.keystore}/ssl.keystore
alfresco.encryption.ssl.keystore.provider=SunJCE
alfresco.encryption.ssl.keystore.type=JCEKS
alfresco.encryption.ssl.keystore.keyMetaData.location=${dir.keystore}/ssl-keystore-passwords.properties
alfresco.encryption.ssl.truststore.location=${dir.keystore}/ssl.truststore
alfresco.encryption.ssl.truststore.provider=SunJCE
alfresco.encryption.ssl.truststore.type=JCEKS
alfresco.encryption.ssl.truststore.keyMetaData.location=${dir.keystore}/ssl-truststore-passwords.properties


I don't know which one is making the thing working, please report if you find out.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC