Hi,
New to the community and have been trying out a local server this weekend when I got
the same error as you when using my owm private key (pem).
I have a workaround that involves not encrypting the pem file:
The first step creates the key and certificate:
openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout server.key -out server.crt
You will be prompted as usual for country code, state, city, etc.
The second step creates an unencrypted pem file from the key:
openssl pkcs8 -nocrypt -topk8 -inform PEM -outform PEM -in server.key -out server_nocrypt.pem
You wont be prompted from the encryption password.
You can test the pem file is ok:
openssl pkcs8 -nocrypt -in server_nocrypt.pem
Then copy the pem and crt to /tmp
cp ./server.crt /tmp
cp ./server_nocrypt.pem /tmp
The unix permissions on both of these files is 600.
The server.properties need to be edited as shown below. Note the
password field must be empty.
server.ssl.cert=/tmp/server.crt
server.ssl.key=/tmp/server_nocrypt.pem
server.ssl.key.pass=
Let me know if anything is unclear, etc.
Some background:
I run my local server (0.39.4) in a VirtualBox (5.2.10) Ubuntu 18.04
guest running on 18.04.
I built the server from source to put some diagnostics in.
I traced the error in sslContextHolder.java to a call to a netty
class. I tried an older and newer version of netty but didn’t make any
difference.