问题
I want to use a self-signed signature for ssl connections. I'm following this post.
My problem: After creating the Keystore my integrity-check fails.
Keytool-Error: java.io.IOException: KeyStore integrity check failed.
I'm still searching but maybe someone can save me some time.
回答1:
Make sure you are using the right password to open the keystore. I was having this error and turns out I was still using the password from the example code in trusted.load()
回答2:
I had the same problem where I tried to open a KeyStore file I saved locally and 2 reasons comes to mind:
- You are storing your
KeyStoreand loading it with a different password. - Your
KeyStorefile was damaged some how thus flagging the integrity check.
I'd suggest you try to save and load another file with the same password (fixed) just to see if it will load normally.
回答3:
I have found another corner case that can provoke this message.
I exported a PKCS12 keystore with openssl and then tried to import it into an existing keystore with keytool. I received the 'integrity check failed' error at this step despite the password being good when I listed the contents of the PKCS12 keystore.
The problem turned out to be because I'd used a password exactly 50 characters long. Although this is accepted by openssl, I understand that this is the maximum size of the buffer used and that the last character of the password get overwritten by an 'end of string' character.
Exporting the PKCS12 keystore again with a password of only 49 characters long fixed my issue.
回答4:
Ensure your keystore file is properly closed using FileOutputStream.close() or it will be marked as having lost integrity
来源:https://stackoverflow.com/questions/13125609/keystore-with-bouncycastleprovider-keystore-integrity-check-failed