On 02/20/2004 05:14 PM Stewart Walker wrote:
Wondering if I my message is getting out there as as I've seen no response. Going to try again.
Could really use your help getting past the below error while trying to setup/import a server certificate.
The required jsse jar files are in $JAVA_HOME/jre/lib/ext
The IBMJava was installed during the Linux install. As far as I can tell it isn't running anything and $JAVA_HOME/bin is first in the path. But I still wonder.
keytool was run by root in $JAVA_HOME/bin
Haven't done anything with apache yet our web based servlet app is working on 8080 with tomcat. Thanks.
Linux ES 2.1 249-e.37 kernel j2sdk1.4.2_03 tomcat5.0.18
$PATH
/usr/kerberos/sbin: /usr/kerberos/bin: /usr/java/j2sdk1.4.2_03/bin: /opt/IBMJava2-131/bin: /opt/IBMJava2-131/jre/bin: /usr/local/sbin:/sbin:/usr/sbin: /bin:/usr/bin:/usr/bin/X11: /usr/local/bin: /usr/bin: /usr/X11R6/bin: /root/bin:
[EMAIL PROTECTED] ps aux |grep java root 2985 27.0 0.7 246712 29368 pts/5 S 08:38 0:04 /usr/java/j2sdk1. root 2986 0.0 0.7 246712 29368 pts/5 S 08:38 0:00 /usr/java/j2sdk1. this is just a snipit..
[EMAIL PROTECTED]/ca]#ls -l -rwxr-xr-x 1 root apache 785 Feb 18 10:16 ca.csr -rwxr-xr-x 1 root apache 887 Feb 18 10:16 ca.key -rwxr-xr-x 1 root apache 1066 Feb 18 10:17 ca.pem
[EMAIL PROTECTED] openssl req -new -newkey / rsa:1024 -nodes -out /usr/java/ssl/ca/ca.csr / -keyout /usr/java/ssl/ca/ca.key Using configuration from /usr/share/ssl/openssl.cnf Generating a 1024 bit RSA private key .............++++++ ......++++++ writing new private key to '/usr/java/ssl/ca/ca.key' ----- ok works fine
[EMAIL PROTECTED] openssl x509 -trustout / -signkey /usr/java/ssl/ca/ca.key / -days 720 -req -in /usr/java/ssl/ca/ca.csr / -out /usr/java/ssl/ca/ca.pem Signature ok subject=/C=US/ST=state/L=city/O=City state/OU=dept/CN=computer/Email=email Getting Private key ok works fine
[EMAIL PROTECTED] keytool -import -keystore / $JAVA_HOME/jre/lib/security/cacerts / -file /usr/java/ssl/ca/ca.pem -alias test_ca Enter keystore password: changeit Exception in thread "main" java.lang.ExceptionInInitializerError at javax.crypto.Cipher.a(DashoA6275) at javax.crypto.Cipher.getInstance(DashoA6275) at com.baltimore.jcrypto.provider.crypto.signatures.RSASignature.<init>([DashoPro- V1.3-013000]) at com.baltimore.jcrypto.provider.crypto.signatures.JCRYPTO_RSAwithMD5Signature. <init>([DashoPro-V1.3-013000]) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorI mpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructor AccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:274) at java.lang.Class.newInstance0(Class.java:308) at java.lang.Class.newInstance(Class.java:261) at java.security.Security.doGetImpl(Security.java:1137) at java.security.Security.doGetImpl(Security.java:1084) at java.security.Security.getImpl(Security.java:1045) at java.security.Signature.getInstance(Signature.java:169) at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:425) at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:383) at sun.security.tools.KeyTool.addTrustedCert(KeyTool.java:1251) at sun.security.tools.KeyTool.doCommands(KeyTool.java:512) at sun.security.tools.KeyTool.run(KeyTool.java:124) at sun.security.tools.KeyTool.main(KeyTool.java:118) Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs at javax.crypto.SunJCE_b.<clinit>(DashoA6275) ... 20 more Caused by: java.security.PrivilegedActionException: java.security.cert.CertificateException: OIDs::getInstance() - Cannot find any provider supporting RSA at java.security.AccessController.doPrivileged(Native Method) ... 21 more Caused by: java.security.cert.Cer tificateException: OIDs::getInstance() - Cannot find any provider supporting RSA at com.baltimore.jpkiplus.x509.JCRYPTO_X509Certificate.verify([DashoPro- V1.3-013000]) at javax.crypto.SunJCE_b.c(DashoA6275) at javax.crypto.SunJCE_b.b(DashoA6275) at javax.crypto.SunJCE_s.run(DashoA6275) ... 22 more
-- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]