Skip to main content
Skip table of contents

"java.security.UnrecoverableKeyException: requested entry requires a password" after creating SAML keystore

When using OpenJDK 11, you may find that the method for creating a SAML keystore described in https://doc.igrafx.com/doc/installation-guide/post-deployment-steps/configuring-authentication/saml-authentication-adfs-okta-centrify-azure-ad#SAMLAuthentication(ADFS,Okta,Centrify,AzureAD)-SetupaSAML2keystore does not work because the key being generated is not protected by a password - trying to log in via SAML will give you an unspecified error, and the server.log file will contain the error message "java.security.UnrecoverableKeyException: requested entry requires a password".

To resolve this, delete the samlkeytsore.jks and create a new one using the command

keytool -genkey -keyalg RSA -alias %KEYALIAS% -keystore samlKeystore.jks -keypass %KEYPASS% -validity 360 -keysize 2048

This command will set the key password you specify and will prompt for a store password afterwards. These passwords then need to be added to the igrafx.properties file as described in .SAML Authentication (ADFS, Okta, Centrify, Azure AD) v17.8

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close