java.security.spec.InvalidKeySpecException: Neither RSA, DSA nor EC worked

inked · April 28, 2020, 12:11am

Hi,

I’ve renewed a wild card cert and now I get this error with my graylog server not starting up.

I’m on version 2.5.xxx.
The old key still works but obviosuly its expired so comes up as not secure.There is read permissions for the graylog user on the key file.
Did a cert check,
openssl rsa -in mycert.key -check
I did this on the old and new one and both returned as RSA and ok.
My key and pem bundled file work fine elsewhere where I use it, just not on Graylog.
Here is my java version details,
openjdk version “1.8.0_232”
OpenJDK Runtime Environment (build 1.8.0_232-b09)

I haven’t imported the key into the java keystore as its not a self signed cert, do I still need to do this?
Anyone have any ideas please?
Really stuck.

shoothub · April 28, 2020, 10:23am

How did you created certificate? Did you changed private key file, or only generate new certificate (extend period) in renewal task?

Check if your certificate file contains intermediate + certificate concatenated in one file.

system · May 12, 2020, 10:23am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Graylog blew up after adding SSL Cert Graylog Central (peer support)	5	1895	June 23, 2017
Issues with a new certificate Graylog Central (peer support)	12	4752	July 16, 2018
Strange certificate issue (Caused by: java.security.KeyStoreException: Key protection algorithm not found: java.security.KeyStoreException: Certificate chain is not valid) Graylog Central (peer support)	13	6734	March 9, 2020
Unreadable or missing HTTP X.509 certificate Graylog Central (peer support)	14	3603	March 27, 2020
How to setup SSL in Graylog with valid cert and key files Graylog Central (peer support)	3	7343	December 18, 2017

java.security.spec.InvalidKeySpecException: Neither RSA, DSA nor EC worked

Related topics