HTTPS not working with Keystore #669

Closed
@Boreal34

Description

Request Type

Bug or misunderstanding.

Work Environment

| OS version (server) | CentOS 7 |
| OS version (client) | Any OS, but tried on a CentOS 7 client |
| TheHive version / git hash | Last 3.0.10 |
| Package Type | RPM |
| Browser type & version | Firefox latest |

Problem Description

I created a keystore to enable HTTPS on my TheHive instance. The need here is simply to have a self-signed certificate to secure the communication between clients and the server.
So I used keytool, based on the DigitalOcean tutorial you provide in the configuration section of the git.

After that, I'm able to use TheHive on port 9443, but when I try to retrieve information about the connection, I notice that the communication is still using the classic HTTP protocol (Firefox tells me that it's not a secure connection (still HTTP); by the way, I have no information about the certificate which I provided when creating the keystore...).

When I try https://127.0.0.1:9443, it fails, showing exactly this message:
"SSL_ERROR_RX_RECORD_TOO_LONG" error on a blank page.
So I suppose I did something wrong in the configuration...
If someone could help me with this! Thanks in advance...

My keystore password is OK, I disabled the default HTTP port like you said, and the path of the keystore is OK too.

Steps to Reproduce

  1. Create a keystore; here it's a fresh install of TheHive, only with HTTP activated, on a local instance.

  2. For this, follow "Generate Self-Signed Certificate in New/Existing Keystore" on https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores, with the pass Azerty1234:! and with the exact same command provided by DigitalOcean (I didn't change the "domain" parameter; should I have?).

  3. Disable the http.port line in application.conf and change a few parameters provided here (the pass and the path of the keystore):
    https://github.com/TheHive-Project/TheHiveDocs/blob/master/admin/configuration.md#10-https

  4. Test the connection. It shows me the error above over HTTPS, and allows only an HTTP connection on port 9443.
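The report above describes port 9443 answering plain HTTP while the HTTPS attempt fails. The following diagnostic is an added example, not part of the original issue or of TheHive's code: it sends a cleartext HTTP request to a listener and classifies the first bytes of the reply. The function names are hypothetical, and it assumes that a TLS listener answers cleartext with a TLS alert record or simply closes the connection.

```python
import socket

# Cleartext request used as the probe (constructed for this example).
PLAIN_REQUEST = b"GET / HTTP/1.0\r\nHost: localhost\r\n\r\n"


def classify_first_bytes(data: bytes) -> str:
    """Classify a listener's reply to a cleartext HTTP request."""
    if data.startswith(b"HTTP/"):
        # An HTTP status line came back: no TLS is being spoken on this port.
        return "plaintext-http"
    # TLS record header: content type 0x15 (alert) or 0x16 (handshake),
    # followed by protocol major version 0x03.
    if len(data) >= 2 and data[0] in (0x15, 0x16) and data[1] == 0x03:
        return "tls"
    if not data:
        return "no-reply"
    return "unknown"


def probe_socket(sock: socket.socket, timeout: float = 3.0) -> str:
    """Send the cleartext probe on an already connected socket."""
    sock.settimeout(timeout)
    sock.sendall(PLAIN_REQUEST)
    try:
        first = sock.recv(16)
    except (socket.timeout, ConnectionResetError):
        first = b""  # listener stayed silent or reset the connection
    return classify_first_bytes(first)


def probe(host: str, port: int) -> str:
    """Connect to host:port and report what the listener speaks."""
    with socket.create_connection((host, port), timeout=3.0) as sock:
        return probe_socket(sock)


if __name__ == "__main__":
    # Address and port taken from the report above.
    print(probe("127.0.0.1", 9443))
```

A result of `plaintext-http` means the HTTPS listener settings are not in effect on that port, so the keystore is not being used for it.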
