santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ed Sweet" <edsw...@gmail.com>
Subject Re: Keystore exception when signing document.
Date Wed, 30 Aug 2006 10:23:27 GMT
Hi Arshad,

Thanks for the reply.

How does the code you supplied differ from the PKCS12Import tool [1] found
in the Jetty distribution?

I'm using PKCS12Import to convert my .p12 file to .jks.

Ed.

[1] http://mortbay.org/apidocs/org/mortbay/jetty/security/PKCS12Import.html

On 30/08/06, Arshad Noor <arshad.noor@strongauth.com> wrote:
>
> If the supplier gave you a PKCS12 file, then feel free to use the
> following to import the key and certificate into your JKS keystore.
> Not a lot of error-checking in here, since I use it for my personal
> use.
>
> Arshad Noor
> StrongAuth, Inc.
>
>
> ------------------------
>
> import java.security.*;
> import java.io.*;
>
> class p12jkstool
> {
>      static public void main(String[] args) throws Exception
>      {
>          if (args.length < 7)
>          {
>              System.err.println("Usage: java p12TOjks <pkcs12-file>
> <pkcs12-password> <pkcs12-alias> <jks-keystore> <jks-password>
> <jks-alias> <new-jks-keystore>");
>              return;
>          }
>
>          String p12file  = args[0];
>          String p12pin   = args[1];
>          String p12alias = args[2];
>          String jksfile  = args[3];
>          String jkspin   = args[4];
>          String jksalias = args[5];
>          String newjks   = args[6];
>
>          try
>          {
>              //pkcs12 keystore
>              KeyStore pks = KeyStore.getInstance("pkcs12");
>              //jks keystore
>              KeyStore jks = KeyStore.getInstance("jks");
>
>              // load the pkcs12 file
>              pks.load(new FileInputStream(p12file), p12pin.toCharArray());
>
>              // load the jks file (have to have an existing one)
>              jks.load(new FileInputStream(jksfile), jkspin.toCharArray());
>
>              //read the p12 certificate
>              java.security.cert.Certificate [] cc =
> pks.getCertificateChain(p12alias);
>              Key k = pks.getKey(p12alias, p12pin.toCharArray());
>
>              // add to keystore and save
>              jks.setKeyEntry(jksalias, k, jkspin.toCharArray(), cc);
>              FileOutputStream out = new FileOutputStream(newjks);
>              jks.store(out, jkspin.toCharArray());
>              out.close();
>              System.out.println("Transferred P12 key to new JKS
> keystore: " + newjks);
>
>          } catch (Exception ex) {
>              ex.printStackTrace();
>          }
>      }
> }
>
> ------------------------
>
> Ed Sweet wrote:
> >
> > My main question here is what procedure should I be using to create the
> > keystore from keys/certificates supplied by a thrid-party? I can use the
> > test keystore supplied with the xml-security library with my code no
> > problem, it's just when I try and use a keystore I've created myself I
> > get this exception. What procedure do you use?
> >
> > Thanks for your help,
> >
>
>

Mime
View raw message