Shibboleth IDP 4 SSL Keystore error

Timo Brunn timo at
Tue Jun 27 18:22:29 UTC 2023


Im currently having trouble supplying an self-signed SSL Certificate to 
a shibboleth IDP:

Im generating the self-signed certificate using:

/keytool -genkeypair -alias jetty -validity 365 -keyalg RSA -keysize 
2048 -keystore /opt/shibboleth-idp/idp-userfacing.p12 -storetype pkcs12

/My idp.ini is setup to use the default keystore.

Starting jetty i get the following error:

Exception in thread "main" keystore password was 

I double and triple checked the keystore password and it is correct. 
Keytool is able to open the store
I even tried using the default password but that still doesn't work.

Using Shibboleth IDP 4.3.1
Jetty 10.0.15

I hope someone can help me out here.

Mit freundlichen Grüßen/Best Regards
*Timo Brunn*

Website: <>
/Um ihre Echtheit zu bestätigen, wurde diese E-Mail digital signiert.
To prove its authenticity, this E-Mail has been digitally signed./
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4488 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the users mailing list