MID Servers Web Server Extension set to use a Certificate, may fail to start after upgrade to Paris (newer jetty version uses deprecated SSL package, breaking certificate chains)


Description

MID Servers Web Server Extension set to use a Certificate, may fail to start after upgrade to Paris. An upgrade of the "jetty" version caused usage of a deprecated SSL package, which brakes usage of certificate chains on mid web server.

Steps to Reproduce

  1. On a Paris Instance
  2. Create keystore with an entry containing a server certificate chain.
  3. Import that keystore to the <mid_installation directory>/keystore as webserver_keystore.jceks
  4. Create mid web server using the above keystore to establish secure connection (provide password to keystore and entry inside it and alias if required).
  5. Start the extension.
  6. Observere the following error: 
Error: java.lang.IllegalStateException: KeyStores with multiple certificates are not supported on the base class org.eclipse.jetty.util.ssl.SslContextFactory

Workaround

This problem has been fixed. If you are able to upgrade, review the Fixed In or Intended Fix Version fields to determine whether any versions have a planned or permanent fix.


Related Problem: PRB1442388