Try with another crypto provider like BouncyCastle. Paulo
----- Original Message ----- From: "Felix Joussein" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, October 03, 2006 10:15 PM Subject: [iText-questions] using pfx / pkcs12 as keystore > Hello List, > > I'm struggling now for almost one day with using an openssl generated > .p12 file as my keystore. > I tried a lot of things with openssl and no doubt - I learned a lot, but > at the end I found out the following: > > By the way - I'm using TinyCA as openssl frontend - maybe this is the > problem but I don't think so... > Anyway: > I create a certificate + private key, then export it to a .p12 file - I > do this on the openssl shell. > Then I run: > > /usr/local/bin/pdfsigner.sh -c=/tmp/my.pfx -p=12345 > -i=/var/spool/pdfprint/smbprn.00000199.eGZuqx.pdf > -o=/var/spool/pdfprint/Unbenannt1.pdf -v=0 > Exception in thread "main" > java.security.cert.CertificateParsingException: java.io.IOException: > subject key, Unknown key spec: Invalid RSA modulus size. > at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:155) > at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1679) > at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:173) > at > sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:90) > at > java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:389) > at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.a(DashoA12275) > at > com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(DashoA12275) > at java.security.KeyStore.load(KeyStore.java:652) > at pdfsigner.sign(pdfsigner.java:109) > at pdfsigner.main(pdfsigner.java:72) > Caused by: java.io.IOException: subject key, Unknown key spec: Invalid > RSA modulus size. > at sun.security.x509.X509Key.parse(X509Key.java:155) > at > sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:58) > at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:706) > at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:153) > ... 9 more > > > > after importing my .p12 file into Windows XP's certificates, and > exporting it again to a pfx, my java program, which just has thrown a > few exceptions and of course did not work, now it does. > > Her an excerpt of the relevant code: > > KeyStore ks = KeyStore.getInstance("pkcs12"); > try{ > ks.load(new FileInputStream(pfxNameVal), > pfxPassVal.toCharArray()); > } > catch (Exception ex) { System.out.println("Error while > reading the certificate - possible cause: Invalid password\nBelow is the > detailed error message:");throw ex;} > > String alias = (String)ks.aliases().nextElement(); > PrivateKey key = (PrivateKey)ks.getKey(alias, > pfxPassVal.toCharArray()); > java.security.cert.Certificate[] chain = > ks.getCertificateChain(alias); > PdfReader reader = new PdfReader(inPDFVal); > FileOutputStream fout = new FileOutputStream(outPDFVal); > > > Is there a way to skip the windows part in the process of creating > Java-suitable pfx's ? > Thank you all for your help in advanced, > > > Felix Joussein > > > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > opinions on IT & business topics through brief surveys -- and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > iText-questions mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/itext-questions ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions
