trying to add an actual SSL cert to server.json. ...
# box-products
w
trying to add an actual SSL cert to server.json. starting with a wildcard .pfx, one of my colleagues extracted the .crt and .key files using openssl. i've added these to server.json like so:
"web":{
    "host":"${HOST}",
    "webroot":"www",
    "SSL":{
        "enable":"true",
        "port":"8443",
        "certFile":"./certs/domainname.org.crt",
        "keyFile":"./certs/domainname.org.key"
    },
    "rewrites":{
        "enable":"true"
    }
},
but getting an exception on server start (more in thread)
getting the following exception:
[INFO ] Runwar: Starting RunWAR 4.5.2
[INFO ] Runwar: HTTP2 Enabled:true
[INFO ] Runwar: Enabling SSL protocol on port 8443
[ERROR] Runwar: Unable to start SSL:Could not load certificate
[ERROR] java.io.IOException: Could not load certificate
[ERROR] at runwar.security.SSLUtil.createSSLContext(SSLUtil.java:78)
[ERROR] at runwar.Server.startServer(Server.java:266)
[ERROR] at runwar.Start.main(Start.java:123)
[ERROR] Caused by: java.lang.ClassCastException: class org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo cannot be cast to class org.bouncycastle.asn1.pkcs.PrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo and org.bouncycastle.asn1.pkcs.PrivateKeyInfo are in unnamed module of loader 'app')
[ERROR] at runwar.security.SSLUtil.loadPemPrivateKey(SSLUtil.java:261)
[ERROR] at runwar.security.SSLUtil.keystoreFromDERCertificate(SSLUtil.java:184)
[ERROR] at runwar.security.SSLUtil.createSSLContext(SSLUtil.java:70)
the .key file has a password on it, would that cause this, or is there something else i'm missing?
l
Try adding "keyPass":"yourPassword" in the SSL node
I did this same thing this morning
w
will try that
just need to get the pw...
same exception. i do see PKCS8 in the exception above, and after asking i'm being told the files were extracted with PKCS12 which is how they're exported from IIS (i'm told)
i don't really know enough about these crypto topics to navigate on my own. THEY SAID IT WOULD BE SIMPLE©
l
Mine is identified by lucee as: RSA PKCS#8
w
yeah, trying now to see how to go about converting from 12 to 8