truststore - the trustAnchors parameter must be non-empty - error 0.8.2

[alexander anguiano]

I'm trying to configure a trust store,  I set these fields in my yml

      trustStorePath: security/trust.p12

      trustStoreType:  PKCS12

      trustStorePassword: password

i verified that the trust.p12 exists

i verified that the trust.p12 has the correct permissions

i verified that the password is correct, 

i'm getting this error

Any body have an solution for this?

Thanks

Exception in thread "main" MultiException[java.security.InvalidAlgorithmParameterException: the trustAnchors parameter m

ust be non-empty, java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty, java.u

til.concurrent.RejectedExecutionException: org.eclipse.jetty.util.thread.NonBlockingThread@352e787a]

        at org.eclipse.jetty.server.Server.doStart(Server.java:329)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at io.dropwizard.cli.ServerCommand.run(ServerCommand.java:43)

        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:43)

        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:76)

        at io.dropwizard.cli.Cli.run(Cli.java:70)

        at io.dropwizard.Application.run(Application.java:73)

        at com.netiq.agentmanager.AgentManagerApplication.main(AgentManagerApplication.java:41)

java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

        at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)

        at java.security.cert.PKIXParameters.<init>(Unknown Source)

        at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)

        at org.eclipse.jetty.util.ssl.SslContextFactory.getTrustManagers(SslContextFactory.java:933)

        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:299)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)

        at org.eclipse.jetty.server.Server.start(Server.java:387)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)

        at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61)

        at org.eclipse.jetty.server.Server.doStart(Server.java:354)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at io.dropwizard.cli.ServerCommand.run(ServerCommand.java:43)

        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:43)

        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:76)

        at io.dropwizard.cli.Cli.run(Cli.java:70)

        at io.dropwizard.Application.run(Application.java:73)

        at com.netiq.agentmanager.AgentManagerApplication.main(AgentManagerApplication.java:41)

java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

        at java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)

        at java.security.cert.PKIXParameters.<init>(Unknown Source)

        at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)

        at org.eclipse.jetty.util.ssl.SslContextFactory.getTrustManagers(SslContextFactory.java:933)

        at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:299)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)

        at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:64)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114)

        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)

        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)

        at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.server.Server.doStart(Server.java:366)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at io.dropwizard.cli.ServerCommand.run(ServerCommand.java:43)

        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:43)

        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:76)

        at io.dropwizard.cli.Cli.run(Cli.java:70)

        at io.dropwizard.Application.run(Application.java:73)

        at com.netiq.agentmanager.AgentManagerApplication.main(AgentManagerApplication.java:41)

java.util.concurrent.RejectedExecutionException: org.eclipse.jetty.util.thread.NonBlockingThread@352e787a

        at org.eclipse.jetty.util.thread.QueuedThreadPool.execute(QueuedThreadPool.java:362)

        at org.eclipse.jetty.io.SelectorManager.execute(SelectorManager.java:160)

        at org.eclipse.jetty.io.SelectorManager.doStart(SelectorManager.java:258)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132)

        at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:106)

        at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:256)

        at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)

        at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at org.eclipse.jetty.server.Server.doStart(Server.java:366)

        at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)

        at io.dropwizard.cli.ServerCommand.run(ServerCommand.java:43)

        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:43)

        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:76)

        at io.dropwizard.cli.Cli.run(Cli.java:70)

        at io.dropwizard.Application.run(Application.java:73)

        at com.netiq.agentmanager.AgentManagerApplication.main(AgentManagerApplication.java:41)

[Peter Stackle]

If I recall correctly, to use a PKCS12 key store file as a trust store in Java you will need to use version 8 or higher. If you are stuck with Java 7 (or earlier), you should switch your trust store to be a JKS file.

[alexander anguiano]

Thanks for the reply. 

I'm using java 1.8.  The error message that i'm getting is confusing. I did find the problem.   I built the truststore with the open ssl tools and receive this error.  I created my trust store with the keytool it worked

Here how i created the trust store

keytool" -importcert -storetype PKCS12 -keystore trust3.p12 -alias myalias -storepass mypassword -file ca.pem -noprompt