Problem With Multiple Certificates

222 views
Skip to first unread message

Christopher Stack

unread,
Dec 1, 2021, 8:01:31 PM12/1/21
to PicApport
My Server just restarted and when it came back up I'm now getting  this error "java.lang.IllegalStateException: KeyStores with multiple certificates are not supported on the base class org.eclipse.jetty.util.ssl.SslContextFactory. (Use org.eclipse.jetty.util.ssl.SslContextFactory$Server or org.eclipse.jetty.util.ssl.SslContextFactory$Client instead)"

I found this post - https://opennms.discourse.group/t/jetty-with-ssl-throws-error-with-keystores-with-multiple-certificates-are-not-supported/1489 which leads me to believe the issue is because I have multiple SubjectAlternateNames on my certificate. It makes it sounds like the fix is pretty easy if there is a jetty.xml. 

I couldn't quickly find a jetty.xml though, is it hidden somewhere? Has anyone else run into this issue?

PicApport

unread,
Dec 2, 2021, 4:18:55 AM12/2/21
to PicApport
We currently have no explanation for this.
Can you provide us the following Information to analyze your problem:
  • PicApport Version
  • Java version
  • Operating System type and Version
  • Your picapport.properties file (it contains all of you https settings...)
  • It would be great to have a logfile in debug mode when this problem occurs...

Christopher Stack

unread,
Dec 2, 2021, 4:00:53 PM12/2/21
to PicApport
Sorry for not including all of that.

My computer restarted yesterday, and navigating to the URL after it restarted did not work. So I took that time to upgrade from I think 10.01.01 to 10.2.00.
I'm using OpenJDK 64 bit version 11.0.11.
I am Using Ubuntu 21.04.

My properties file looks like this:

server.port=443

server.ssl=true

server.ssl.keystore=/opt/picapport/.picapport/photos.p12

server.ssl.password=redacted

server.ssl.keypassword=redacted

server.ssl.truststore=/opt/picapport/.picapport/trust.truststore

server.ssl.trustpassword=redacted

user.log.access=true

gui.enabled=false

robot.root.0.id=Photos

robot.root.0.path=/srv/photos

db.max.photos.per.query=10000




I will try and get a log file together later today.

Christopher Stack

unread,
Dec 3, 2021, 6:30:58 AM12/3/21
to PicApport
Here is a partial log, I removed the bottom half of the log, it appeared to be the photocrawler running successful. I should also say the program appears to be running, I just cannot access the webpage.
partial_log.txt

Christopher Stack

unread,
Dec 17, 2021, 5:14:09 PM12/17/21
to PicApport
Thanks for the quick turnaround! I can confirm that my server is working again with multiple Subject Alternate Names.
Reply all
Reply to author
Forward
0 new messages