1
votes

Generated keystore and configured in application.properties file as given in this link - http://doc-kurento.readthedocs.io/en/stable/mastering/securing-kurento-applications.html

But still facing error -

java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) ~[na:1.7.0_101] at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) ~[na:1.7.0_101] at java.security.KeyStore.load(KeyStore.java:1226) ~[na:1.7.0_101] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:451) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:355) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:608) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:548) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:360) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:765) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:472) ~[tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.catalina.connector.Connector.startInternal(Connector.java:986) [tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [tomcat-embed-core-8.0.28.jar:8.0.28] at org.apache.catalina.core.StandardService.addConnector(StandardService.java:237) [tomcat-embed-core-8.0.28.jar:8.0.28] at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:194) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:151) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:290) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:141) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:540) [spring-context-4.2.3.RELEASE.jar:4.2.3.RELEASE] at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:118) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:752) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.SpringApplication.doRun(SpringApplication.java:347) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:295) [spring-boot-1.3.0.RELEASE.jar:1.3.0.RELEASE] at org.kurento.tutorial.one2onecall.One2OneCallApp.main(One2OneCallApp.java:60) [classes/:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_101] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_101] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_101] at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_101] at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293) [exec-maven-plugin-1.4.0.jar:na] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_101] Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) ~[na:1.7.0_101] ... 28 common frames omitted

2

2 Answers

1
votes

There is an error in the documentation with the format of the file . The correct file looks like this

server.port: 8443
server.ssl.key-store: keystore.jks
server.ssl.key-store-password: yourPassword
server.ssl.keyStoreType: JKS
server.ssl.keyAlias: yourKeyAlias

Check that you file is according to that, and make sure that you are providing the correct keystore location in server.ssl.key-store

0
votes

I recently faced the same issue - Caused by:

java.security.UnrecoverableKeyException: Password verification failed . Keystore was tampered with, or password was incorrect

Issue Resolved Steps .

Step 1 : Check the keystore cert password is correct under your installed jdk by using the cmd

keytool -list -keystore cacerts from [$JAVA_HOME/jre/lib/security] or from the folder where the cert is pointed

if Step 1 is valid

Step2 : Check from the application - How the application is passing the password . It may be password with additional commas or misspelled. The password your provided from the application mismatched with original keystore password, hence java security throw the UnrecoverableKeyException