Using Let's Encrypt for SSL certificate for CAS and CAS management

Skip to first unread message

Tom Reijnders

Jul 21, 2022, 10:26:42 AMJul 21
to CAS Community
I used several methods to convert the Let's Encrypt certificatate to a PKCS12 certificate (inlcuding the key) but whatever I try, I get the follwing error when trying to start cas-management: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

Any ideas how to fix this?

King, Robert

Jul 22, 2022, 9:17:13 AMJul 22

I have run into a similar issue and it seems to always stem from using openssl to covert a pem/x509 cert and private key into a pkcs12 bundle.  Was not able to find a solution.


This article looks like it might work, but I did not have time to test it yet.


- Website:
- Gitter Chatroom:
- List Guidelines:
- Contributions:
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit

King, Robert

Jul 22, 2022, 9:18:03 AMJul 22

Fabrice Bacchella

Jul 25, 2022, 3:34:32 AMJul 25
to is probably the way to go.

Le 22 juil. 2022 à 15:17, King, Robert <> a écrit :

EXTERNAL EMAIL :  The sender of this email is external to 3DS. Be wary of the content and do not open unexpected attachments or links. If you consider this email as spam, you can click here (no login or additional action will be requested).

Tom Reijnders

Jul 25, 2022, 3:49:05 AMJul 25
to CAS Community
It seems that it has nothing to do with the keystore itself, but with the casmanagement properties to set the password. If I replace the default keystore and make soure that my keystore uses the default tomcat password (changeit) it works!

In the end I deceided to deploy the war on a separate tomcat9 server, and than there are no issues either.

Reply all
Reply to author
0 new messages