I tried to upload keystore jar, and get 400

Not applicable

I am trying to setup 2 way SSL and tried to upload the keystore, but i get below error.

HTTP/1.1 400 Bad Request

Connection:
keep-alive
Content-Length:
238
Content-Type:
application/json
Date:
Sat, 11 Jun 2016 05:46:36 GMT
Server:
Apigee Router
<code>{
  "code": "messaging.config.beans.KeyParseFailure",
  "message": "Failed to parse the Key file : apigeeJCPKeyStore",
  "contexts": [],
  "cause": {
    "message": "Invalid rsa key, reason - bad decrypt",
    "contexts": []
  }
}
1 5 508
5 REPLIES 5

Hi @Ameenun,

Based on the error cause "Invalid rsa key, reason - bad decrypt", it looks like there's some issue with your private key related to decryption. You can use the below command to check if it's a valid RSA key or not

openssl rsa -in privatekey.pem -check

Note: Replace privatekey.pem with the name of the file containing your private key

This should hopefully give more information on what's the issue with the private key.

Regards,

Amar

Thanks Amar, I already fugured it out.

Hi @Ameenun,

Good to know you were able to resolve the issue. Could you please share the info on what was the issue and how did you resolve it ?

It will be helpful to others if they find the same issue.

Thanks,

Amar

Not applicable

@AMAR DEVEGOWDA I ran in to the same error when i had used a encrypted private key in keystore jar. The solution was to unencrypt the priviate key by using the following command:

openssl rsa -in [file1.key] -out [file2.key]

Enter the passphrase and [file2.key] is now the unprotected private key.

The output file: [file2.key] should be unencrypted. To verify this open the file using a text editor and view the headers.

Encrypted headers look like this:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,


6AC307785DD187EF...
-----END RSA PRIVATE KEY-----


Unecrypted headers look like this:

-----BEGIN RSA PRIVATE KEY-----
6AC307785DD187EF...
-----END RSA PRIVATE KEY-----

@Arun Kumar,

Thanks for sharing this information. It's pretty useful.