...
Warning |
---|
If you use --keystoreProvider to load a provider dynamically, you must not also load that provider statically through the java.security configuration file as this will cause two copies of the provider to be loaded. This will result in hard to debug errors, such as "Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding " or "No installed provider supports this key ". |
Here is an example command line fragment:
...
Warning |
---|
The sun.security.pkcs11.SunPKCS11 provider is not available for use in this way in Java 9 or later. You will instead receive the following error: ERROR CredentialHelper - Keystore provider class does not provide a String-argument constructor
|
The configuration file's contents might look like this:
...
Warning |
---|
If you modify the java.security file to statically load a provider, you must not also use the –keystoreProvider option to load it dynamically as this will cause two copies of the provider to be loaded. This will result in hard to debug errors, such as "Private keys must be instance of RSAPrivate(Crt)Key or have PKCS#8 encoding " or "No installed provider supports this key ". |
Using --keystore
instead of --pkcs11Config
...