I have a Java application developed in the Play framework. I know that we can use a keystore to serve data through HTTPS for the Play application.
I obtained a certificate from Let’s Encrypt using certbot for my domain. Then I made a PKCS12 file using the openssl command and a keystore using keytool.
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out cert_and_key.p12 -CAfile cert.pem -caname root -passout pass:somepassword
keytool -importkeystore -srckeystore cert_and_key.p12 -srcstoretype pkcs12 -destkeystore keyStore.jks -deststoretype jks -storepass somepassword
I then pointed my Play app to the keystore as follows in the application.conf file:
play.server.https.keyStore.path = "/etc/letsencrypt/live/test.onlinemanpower.com/keyStore.jks"
play.server.https.keyStore.type = "JKS"
play.server.https.keyStore.password = "somepassword"
When I run the application it runs without a hitch. But when I open the application where it needs to validate through HTTPS, I get the following error:
[error] p.c.s.NettyServer - cannot load SSL context
java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at play.core.server.ssl.ServerSSLEngine$.createScalaSSLEngineProvider(ServerSSLEngine.scala:96)
at play.core.server.ssl.ServerSSLEngine$.createSSLEngineProvider(ServerSSLEngine.scala:32)
at play.core.server.NettyServer.liftedTree1$1(NettyServer.scala:91)
at play.core.server.NettyServer.play$core$server$NettyServer$$sslEngineProvider$lzycompute(NettyServer.scala:90)
at play.core.server.NettyServer.play$core$server$NettyServer$$sslEngineProvider(NettyServer.scala:89)
at play.core.server.NettyServer$$anonfun$channelSink$1.apply(NettyServer.scala:158)
Caused by: java.lang.Exception: Unable to find HTTPS keystore at "/etc/letsencrypt/live/test.onlinemanpower.com/keyStore.jks"
at play.core.server.ssl.DefaultSSLEngineProvider.createSSLContext(DefaultSSLEngineProvider.scala:56)
at play.core.server.ssl.DefaultSSLEngineProvider.<init>(DefaultSSLEngineProvider.scala:24)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at play.core.server.ssl.ServerSSLEngine$.createScalaSSLEngineProvider(ServerSSLEngine.scala:96)
at play.core.server.ssl.ServerSSLEngine$.createSSLEngineProvider(ServerSSLEngine.scala:32)
at play.core.server.NettyServer.liftedTree1$1(NettyServer.scala:91)
at play.core.server.NettyServer.play$core$server$NettyServer$$sslEngineProvider$lzycompute(NettyServer.scala:90)
The keystore file exists at the said location. I have tried giving it the permission 777 just to check and it still does not work.
Any idea what I am missing on this?
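
A file can be mode 777 and still be unreachable when a directory above it denies search (x) permission to the account running the application. The diagnostic below is an added example, not part of the original post: it lists every path component that "other" users cannot traverse. The function names are hypothetical, and it inspects mode bits only (no ownership, group or ACL checks), so run it as root.

```shell
#!/bin/sh
# Added diagnostic example (hypothetical helper names, not from the post).
# Reports directories above a file that lack the search bit for "other",
# and the file itself if "other" cannot read it.

# mode_string PATH -> 10-character ls mode string, following symlinks
mode_string() {
    ls -ldL -- "$1" 2>/dev/null | cut -c1-10
}

# blocked_components FILE -> one line per blocking component; returns 1 if any
blocked_components() {
    target=$1
    rc=0
    dir=$(dirname -- "$target")
    while :; do
        m=$(mode_string "$dir")
        case $m in
            d????????[xt]) ;;                        # searchable by "other"
            "") echo "cannot-stat: $dir"; rc=1 ;;    # caller cannot even see it
            *)  echo "no-search: $dir ($m)"; rc=1 ;;
        esac
        [ "$dir" = "/" ] && break
        dir=$(dirname -- "$dir")
    done
    m=$(mode_string "$target")
    case $m in
        -??????r??) ;;                               # regular file, readable by "other"
        "") echo "cannot-stat: $target"; rc=1 ;;
        *)  echo "no-read: $target ($m)"; rc=1 ;;
    esac
    return $rc
}

# Usage: sh check_path.sh /path/to/keyStore.jks
if [ $# -gt 0 ]; then
    blocked_components "$1"
fi
```

Any `no-search` line names a directory whose mode has to change, or the keystore has to move, before a non-root process can open the file.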