Tls never works when using pkcs#12 keys but always works with PEM keys

I tried this with kibana setup, now this morning I was setting up ES.

same issue.

2020-06-12T10:22:05.913196070Z {"type": "server", "timestamp": "2020-06-12T10:22:05,883Z", "level": "ERROR", "component": "o.e.b.ElasticsearchUncaughtExceptionHandler", "": "docker-cluster", "": "8024ff5d1997", "message": "uncaught exception in thread [main]",
2020-06-12T10:22:05.913236441Z "stacktrace": ["org.elasticsearch.bootstrap.StartupException: ElasticsearchSecurityException[failed to load SSL configuration []]; nested: ElasticsearchException[failed to initialize SSL TrustManager]; nested: IOException[keystore password was incorrect]; nested: UnrecoverableKeyException[failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.];",
2020-06-12T10:22:05.913243241Z "at org.elasticsearch.bootstrap.Elasticsearch.init( ~[elasticsearch-7.7.0.jar:7.7.0]",
2020-06-12T10:22:05.913246920Z "at org.elasticsearch.bootstrap.Elasticsearch.execute( ~[elasticsearch-7.7.0.jar:7.7.0]",
2020-06-12T10:22:05.913250443Z "at org.elasticsearch.cli.EnvironmentAwareCommand.execute( ~[elasticsearch-7.7.0.jar:7.7.0]",
2020-06-12T10:22:05.913254223Z "at org.elasticsearch.cli.Command.mainWithoutErrorHandling( ~[elasticsearch-cli-7.7.0.jar:7.7.0]",
2020-06-12T10:22:05.913257648Z "at org.elasticsearch.cli.Command.main( ~[elasticsearch-cli-7.7.0.jar:7.7.0]",

This post does not include very much information that might be helpful to start to try and answer it. Questions like this often go unanswered. You can make it more likely to receive an answer by adding more information that you think would be helpful to readers, such as:

  • what are you trying to achieve
  • what have you configured already and exactly how
  • what do you expect to happen and what happens instead
  • details of the investigations that you have already performed
  • things you have already tried when looking for a solution
  • requests made to Elasticsearch and their responses (properly formatted using the </> button or pairs of triple backticks (```), log messages, including any stack traces (also properly formatted using </> or backticks)

It would be great if you could update your post to solve this.


Without waiting, I was able to get it working with pen instead of pkcs. I'm ok for now.

This works as per the document

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.