Truststore Issues When Migrating From JDK 8 to JDK 9+ With Bouncy Castle As the FIPS Provider (And Possibly Other Providers)
Applies To
Java SE JDK and JRE - Version 9 and later
Information in this document applies to any platform.
Symptoms
Truststore issues are seen when migrating from Java 8 to Java 11 using Bouncy Castle as the FIPS provider (and possibly other providers). An example error trace:
Caused by: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
at java.base/sun.security.util.DerInputStream.getLength(DerInputStream.java:603)
at java.base/sun.security.util.DerValue.init(DerValue.java:390)
at java.base/sun.security.util.DerValue.<init>(DerValue.java:331)
at java.base/sun.security.util.DerValue.<init>(DerValue.java:344)
at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1973)
at java.base/java.security.KeyStore.load(KeyStore.java:1479)
at org.glassfish.jersey.SslConfigurator.createSSLContext(SslConfigurator.java:715)
Cause
In JDK 9, Java changed the default keystore type from JKS to PKCS12. See JDK-804445.
The default keystore.type security property, as defined in the standard java.security file, was changed from JKS to PKCS12. The PKCS12 type keystore implementation provided by the SunJSSE provider has dual format support, which means it can load either a PKCS12 format file or a JKS format file.
The default Java truststore ([JAVA_HOME]/lib/security/jssecacerts or [JAVA_HOME]/lib/security/cacerts) remains a JKS format file. The PKCS12 type keystore implementation provided by the SunJSSE provider can load the default truststore, even if it is a JKS format file, because it has dual format support.
Note that the JDK cacerts truststore was converted to PKCS12 format in JDK 18. See JDK-8275252.
Some keystore format properties are controlled via security properties. See the java.security file:
#
# Default keystore type.
#
keystore.type=pkcs12
#
# Controls compatibility mode for JKS and PKCS12 keystore types.
#
# When set to 'true', both JKS and PKCS12 keystore types support loading
# keystore files in either JKS or PKCS12 format. When set to 'false' the
# JKS keystore type supports loading only JKS keystore files and the PKCS12
# keystore type supports loading only PKCS12 keystore files.
#
keystore.type.compat=true
Note that the keystore implementations provided by the BCFIPS provider do not claim to support PKCS12 format keystores. Consequently, in a system configured with the BCFIPS provider in position #1 and the SunJSSE provider configured further down the provider list, it will be the SunJSSE provider that will provide the PKCS12 type keystore implementation.
Solution
This issue can be resolved by any one of the following options:
- Set the Java system property javax.net.ssl.trustStoreType to jks.
- If you prefer to use PKCS12, convert your JKS keystores using the -importkeystore option of the keytool utility. See the documentation for the keytool utility.
- Upgrade to a newer version of Bouncy Castle (BC). BC does seem to have made some interoperability fixes in recent years: "Attempting to load the default cacerts fails on Java 9 #663".
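The following is an added diagnostic example, not code from this document or from Bouncy Castle. It sniffs the on-disk format of the default truststore (a JKS file starts with the magic number 0xFEEDFEED; a PKCS12 file is a DER SEQUENCE and starts with 0x30), loads it with the matching explicit type instead of relying on keystore.type.compat, and reports which provider actually served the KeyStore implementation. It assumes the default [JAVA_HOME]/lib/security/cacerts path and a JDK 9 or later runtime.

```java
import java.io.DataInputStream;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.Security;

public class TruststoreFormatCheck {
    // JKS files begin with the magic number 0xFEEDFEED.
    private static final int JKS_MAGIC = 0xFEEDFEED;

    // Returns "JKS", "PKCS12" or "UNKNOWN" based on the first bytes of the file.
    static String detectFormat(Path file) throws Exception {
        try (DataInputStream in = new DataInputStream(Files.newInputStream(file))) {
            int magic = in.readInt();
            if (magic == JKS_MAGIC) return "JKS";
            // A PKCS12 file is a DER SEQUENCE, so its first byte is the tag 0x30.
            if ((magic >>> 24) == 0x30) return "PKCS12";
            return "UNKNOWN";
        }
    }

    // Load with the type that matches the file on disk, so a JKS truststore is
    // never handed to a PKCS12 implementation that lacks dual format support.
    static KeyStore loadExplicit(Path file, char[] password) throws Exception {
        String type = detectFormat(file);
        KeyStore ks = KeyStore.getInstance(type); // throws KeyStoreException for UNKNOWN
        try (InputStream in = Files.newInputStream(file)) {
            ks.load(in, password);
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        Path cacerts = Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts");
        System.out.println(cacerts + " is " + detectFormat(cacerts));
        // null password skips the integrity check; use "changeit" to verify it instead.
        KeyStore ks = loadExplicit(cacerts, null);
        System.out.println("Loaded " + ks.size() + " entries via provider "
            + ks.getProvider().getName());
        // Shows the effective defaults that govern the dual format behaviour.
        System.out.println("keystore.type=" + KeyStore.getDefaultType()
            + ", keystore.type.compat=" + Security.getProperty("keystore.type.compat"));
    }
}
```

Run it with the same provider list (java.security or -Djava.security.properties) as the failing application: the provider name printed tells you whether SunJSSE or another provider served the requested type.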
Last reviewed on Sat Feb 01 2025 (UTC)