java.io.IOException: Invalid keystore format using Tomcat server
On enabling ssl mode in Tomcat 7, I'm getting the following error on my tomcat logs
I have genrated .key file using openssl like below
openssl genrsa -des3 -out localhost 2048
And I given the path to my key file in tomcat server.xml
SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-bio-8443"] java.io.IOException: Invalid keystore format
openssl genrsa -des3 -out localhost 2048 generates a private key. What you need to run a web server using HTTPS is a private key and a certificate. You'll need a step to generate a certificate.
You can configure HTTPS in Tomcat using 2 almost completely different approaches, depending on whether you're using the APR connector or not.
If you're using the APR connector, it makes sense to use OpenSSL to generate the keys/certificate, since it's the format it expects. (There are a number of tutorials to generate self-signed certificates with OpenSSL, if a self-signed certificate is sufficient for your environment.)
If you're not using APR, you would have to convert the keys/cert generated with OpenSSL into a keystore format supported by your JRE. Coming from OpenSSL, converting your private key + certificate into a PKCS#12 store (.p12) is usually the easiest: this is supported directly via Oracle/OpenJDK with the PKCS12 keystore type. (You could convert your PKCS#12 file into a JKS store, but that's not necessary.)
However, if you don't have any keys/cert yet, the easiest way to generate a self-signed certificate for Tomcat is to use keytool directly. This will produce a JKS keystore, which is the default type. keytool -genkey not only generates a key/pair and enough to produce a CSR, but it associates a self-signed certificate (at least temporarily until you import the certificate coming from a CA if necessary).