Wrong keystore version could mean that you do not use the BKS format
but JKS.
I had to write a converter:
package org.webpki.tools;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.Enumeration;
import java.security.KeyStore;
import java.security.Key;
import java.security.Security;
import java.security.cert.Certificate;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class JKS2BKSConverter
{
public static void main (String argv[]) throws Exception
{
if (argv.length != 4)
{
System.out.println (JKS2BKSConverter.class.getName () + "
jksfile bksfile/-same storepass keypass");
System.exit (3);
}
Security.addProvider (new BouncyCastleProvider ());
KeyStore jks = KeyStore.getInstance ("JKS");
jks.load (new FileInputStream (argv[0]), argv[2].toCharArray
());
KeyStore bks = KeyStore.getInstance ("BKS");
bks.load (null, null);
Enumeration<String> aliases = jks.aliases ();
while (aliases.hasMoreElements ())
{
String alias = aliases.nextElement ();
if (jks.isKeyEntry (alias))
{
Certificate[] chain = jks.getCertificateChain (alias);
Key key = jks.getKey (alias, argv[3].toCharArray ());
bks.setKeyEntry (alias, key, argv[3].toCharArray (),
chain);
}
else if (jks.isCertificateEntry (alias))
{
Certificate certificate = jks.getCertificate (alias);
bks.setCertificateEntry (alias, certificate);
}
else
{
throw new Exception ("Bad KS");
}
}
bks.store (new FileOutputStream (argv[1].equals ("-same") ?
argv[0] : argv[1]), argv[2].toCharArray ());
}
}
On Nov 5, 9:02 am, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> Yes that's what I see everywhere. but, i can't change my API or
> cartificate...
> So I'm destine to search & search solution...
>
> I try to put a certificate in keystore, and to load it from my app.
> but i have an IOexception : Wrong verion of Key Store.
> I really don't understand.
>
> Source :
> KeyStore trustStore =
> KeyStore.getInstance(KeyStore.getDefaultType());//
> KeyStore.getDefaultType()
> FileInputStream in = new FileInputStream(new File("data/data/
> com.alu.myic.android/my.trustore3"));
> try {
> trustStore.load(in, "coucou".toCharArray());} finally {
> in.close();
> }
>
> SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore);
> SchemeRegistry registry = new SchemeRegistry();
> registry.register(new Scheme("https", socketFactory, 443));
>
> regards,
> SC
>
> On 4 nov, 10:09, "Guillaume Perrot" <[EMAIL PROTECTED]> wrote:
>
>
>
> > We have a trusted one at our software company which is working but I wanted
> > to add an option to trust self signed certificate in the application.
> > I still don't have a solution for that, except using URLConnection API which
> > works well with the AllowAllHostnameVerifier. Theproblemis with the
> >HTTPClientAPI.
>
> > 2008/11/4 [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>
> > > have you success yourhttpsconnection?
> > > I don't know how to do with the not trusted certificate.
>
> > > thx
>
> > > On 23 oct, 09:23, Guillaume Perrot <[EMAIL PROTECTED]> wrote:
> > > > Caused by:
> > > > java.security.cert.CertPathValidatorException: TrustAnchor for
> > > > CertPath not found.
>
> > > > On 23 oct, 10:20, "Guillaume Perrot" <[EMAIL PROTECTED]> wrote:
>
> > > > > Yes I had, though it's not in my sample code.
> > > > > The verification that fails is not the hostname, but later when
> > > checking the
> > > > > certificate.
> > > > > And I didn't find a class such as "AllowAllSelfSignedCertificates".
>
> > > > > 2008/10/23 Sean Sullivan <[EMAIL PROTECTED]>
>
> > > > > > Have you tried using
> > > > > > org.apache.http.conn.ssl.AllowAllHostnameVerifier ?
>
> > >http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/module-c...
>
> > > > > > Sean
>
> > > > > > On Oct 17, 7:07 am, Guillaume Perrot <[EMAIL PROTECTED]>
> > > wrote:
> > > > > > > On android 1.0 I tried to connect to myhttpsserver which uses a
> > > self-
> > > > > > > signed certificate:
> > > > > > > Here is my code, which uses a custom hostname verifier:
> > > > > > > /* Create and initialize HTTP parameters */
> > > > > > > HttpParams params = new BasicHttpParams();
> > > > > > > ConnManagerParams.setMaxTotalConnections(params, 2);
> > > > > > > HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
>
> > > > > > > /* Create and initialize scheme registry */
> > > > > > > SchemeRegistry schemeRegistry = new SchemeRegistry();
> > > > > > > schemeRegistry.register(new Scheme("http", PlainSocketFactory
> > > > > > > .getSocketFactory(), 80));
> > > > > > > SSLSocketFactory sslSocketFactory =
> > > > > > > SSLSocketFactory.getSocketFactory();
> > > > > > > sslSocketFactory.setHostnameVerifier(new
> > > > > > > X509HostnameVerifier()
> > > > > > > {
> > > > > > > @Override
> > > > > > > public boolean verify(String host, SSLSession session)
> > > > > > > {
> > > > > > > return true;
> > > > > > > }
>
> > > > > > > @Override
> > > > > > > public void verify(String host, SSLSocket ssl) throws
> > > > > > > IOException
> > > > > > > {
> > > > > > > /* Nothing to do */
> > > > > > > }
>
> > > > > > > @Override
> > > > > > > public void verify(String host, X509Certificate cert) throws
> > > > > > > SSLException
> > > > > > > {
> > > > > > > /* Nothing to do */
> > > > > > > }
>
> > > > > > > @Override
> > > > > > > public void verify(String host, String[] cns, String[]
> > > > > > > subjectAlts)
> > > > > > > throws SSLException
> > > > > > > {
> > > > > > > /* Nothing to do */
> > > > > > > }
> > > > > > > });
> > > > > > > schemeRegistry.register(new Scheme("https", sslSocketFactory,
> > > > > > > 443));
>
> > > > > > > /* Allow multiple threads (two in our case) to access the HTTP
> > > > > > > client */
> > > > > > > ClientConnectionManager cm = new
> > > > > > > ThreadSafeClientConnManager(params,
> > > > > > > schemeRegistry);
> > > > > > > mHttpClient = new DefaultHttpClient(cm, params);
>
> > > > > > > try
> > > > > > > {
> > > > > > > HttpGet ping = new HttpGet(mConnectionManagerURL);
> > > > > > > HttpResponse response = mHttpClient.execute(ping);
> > > > > > > HttpEntity entity = response.getEntity();
> > > > > > > if (entity != null)
> > > > > > > entity.consumeContent();
> > > > > > > }
> > > > > > > catch (IOException ioe)
> > > > > > > {
> > > > > > > ioe.printStackTrace();
> > > > > > > shutdown();
> > > > > > > throw ioe;
> > > > > > > }
> > > > > > > catch (Exception e)
> > > > > > > {
> > > > > > > e.printStackTrace();
> > > > > > > shutdown();
> > > > > > > throw new IOException(e.getMessage());
> > > > > > > }
>
> > > > > > > I have the following exception in stack trace:
>
> > > > > > > 10-17 13:46:23.484: ERROR/ubikim-streams(783):
> > > > > > > javax.net.ssl.SSLException: Not trusted server certificate
> > > > > > > 10-17 13:46:23.554: ERROR/ubikim-streams(783): at
>
> > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
> > > > > > > 353)
> > > > > > > 10-17 13:46:23.654: ERROR/ubikim-streams(783): at
> > > > > > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl
> > > > > > > $SSLInputStream.<init>(OpenSSLSocketImpl.java:491)
> > > > > > > 10-17 13:46:23.704: ERROR/ubikim-streams(783): at
>
> > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:
> > > > > > > 432)
> > > > > > > 10-17 13:46:23.784: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.io.SocketInputBuffer.<init>(SocketInputBuffer.java:
> > > > > > > 93)
> > > > > > > 10-17 13:46:23.844: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.SocketHttpClientConnection.createSessionInputBuffer(SocketHttpClientConnection.java:
> > > > > > > 83)
> > > > > > > 10-17 13:46:23.894: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.conn.DefaultClientConnection.createSessionInputBuffer(DefaultClientConnection.java:
> > > > > > > 170)
> > > > > > > 10-17 13:46:23.944: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.SocketHttpClientConnection.bind(SocketHttpClientConnection.java:
> > > > > > > 106)
> > > > > > > 10-17 13:46:24.035: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.conn.DefaultClientConnection.openCompleted(DefaultClientConnection.java:
> > > > > > > 129)
> > > > > > > 10-17 13:46:24.085: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:
> > > > > > > 136)
> > > > > > > 10-17 13:46:24.135: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:
> > > > > > > 164)
> > > > > > > 10-17 13:46:24.185: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:
> > > > > > > 119)
> > > > > > > 10-17 13:46:24.275: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:
> > > > > > > 348)
> > > > > > > 10-17 13:46:24.325: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
> > > > > > > 555)
> > > > > > > 10-17 13:46:24.375: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
> > > > > > > 487)
> > > > > > > 10-17 13:46:24.425: ERROR/ubikim-streams(783): at
>
> > > org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:
> > > > > > > 465)
> > > > > > > 10-17 13:46:24.504: ERROR/ubikim-streams(783): at
> > > > > > > com.ubikod.smackx.bosh.BoshSession.<init>(BoshSession.java:105)
> > > > > > > 10-17 13:46:24.554: ERROR/ubikim-streams(783): at
> > > > > > > com.ubikod.smackx.bosh.BoshSocket.<init>(BoshSocket.java:15)
> > > > > > > 10-17 13:46:24.594: ERROR/ubikim-streams(783): at
>
> > > com.ubikod.smackx.bosh.BoshSocketFactory.createSocket(BoshSocketFactory.java:
> > > > > > > 27)
> > > > > > > 10-17 13:46:24.644: ERROR/ubikim-streams(783): at
>
> > > org.jivesoftware.smack.XMPPConnection.connectUsingConfiguration(XMPPConnection.java:
> > > > > > > 818)
> > > > > > > 10-17 13:46:24.734: ERROR/ubikim-streams(783): at
> > > > > > > org.jivesoftware.smack.XMPPConnection.connect(XMPPConnection.java:
> > > > > > > 1276)
> > > > > > > 10-17 13:46:24.774: ERROR/ubikim-streams(783): at
> > > > > > > com.ubikod.android.ubikim.service.UbikIMService
> > > > > > > $1.run(UbikIMService.java:476)
> > > > > > > 10-17 13:46:24.844: ERROR/ubikim-streams(783): Caused by:
> > > > > > > java.security.cert.CertificateException:
> > > > > > > java.security.cert.CertPathValidatorException: TrustAnchor for
> > > > > > > CertPath not found.
> > > > > > > 10-17 13:46:24.945: ERROR/ubikim-streams(783): at
>
> > > org.apache.harmony.xnet.provider.jsse.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:
> > > > > > > 158)
> > > > > > > 10-17 13:46:25.005: ERROR/ubikim-streams(783): at
>
> > > org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:
> > > > > > > 349)
> > > > > > > 10-17 13:46:25.035: ERROR/ubikim-streams(783):
>
> ...
>
> read more »- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
[EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
