powered by Jive Software

ClassCastException configuring SSL Certs via Admin Console

Hello,

I’m getting the following error configuring SSL via the admin console:

There was an error one importing private key and signed certificate. Error message: org.bouncycastle.jce.provider.JCERSAPrivateCrtKey cannot be cast to java.security.KeyPair

I’ve tried upgrading Java, JCE and Bouncycastle to no avail.

Any ideas what’s going on?

I’m running 64 bit RedHat 6.3.

Chris

I’m getting the same error. I’m running Openfire 3.8.2, JRE 7, IIS 7 on Windows 2008 R2 Server.

I created my own certificate chain for development (a CA and a server certificate signed by it). The certs work correctly in IIS, and I can import them into the keystore, but I cannot import them into Openfire. I get this error:

There was an error one importing private key and signed certificate. Error message: org.bouncycastle.jce.provider.JCERSAPrivateCrtKey cannot be cast to java.security.KeyPair

Got exactly the same error with a new ca-valid cert.

Problem was the format of the private key pem file :

In the PEM file, i got :

-----BEGIN PRIVATE KEY-----

instead of :

-----BEGIN RSA PRIVATE KEY-----

(diff from my old cert which was perfectly handled by openfire)

So, i had to convert my key file with :

openssl rsa -in privatekey.key -check

and paste the result to openfire.

Cert and intermediate certs go to the next field, in pem format, without any conversion.

That’s worked for me.