Anyone with some SSL experience available to help me out troubleshoot an issue with some K2K connectivity??
I’m getting a very expressive:
Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
Problem seems to be that my self signed root certificate is not used when validating the certificate chain.
The truststore has a certificate inside though and the password is correct (error is different if it’s wrong)
Hey,
It will be hard to pin point the exact reason why it’s failing. Likely there is some misconfiguration of your certificates.
Some possible causes:
Make sure you use `keytool` to importing things into a JKS file. Usually works better than just using openssl
Use the same password for private key encryption password and keystore password. They seem to have to be the same.
Make sure you’re enabling -extensions v3_req when signing the broker certificate using your root CA
Make sure your certificates species IP.0=127.0.0.1 under[alt_names]