tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Cain <cc...@mhsoftware.com>
Subject Re: Cannot set up certs for trusted CAs exception ( JCE and tomcat an d cocoon2.0)
Date Thu, 30 Aug 2001 03:44:18 GMT
Hi there. I frequently do crypto in servlets, and I have not personally run 
into any problems. The only relevant difference between your environment and 
some of mine, as far as I can tell, is that while I have heard of Cocoon, I 
have no idea what it is =)

Also, I'm a little confused as to why you would be getting a message about 
certs when it sounds like you are simply doing en/decryption. What provider are 
you using? Are you simply using the Sun provider that comes with the JCE?

If possible, could you please remove cocoon from the equation and try a test 
case of what you are basically attemping from inside a standard servlet? I'd 
like to help you track it down, but we need to eliminate cocoon as a suspect 
first, and remove it from the picture. Otherwise, that's quite a complicated 
environment to trace through =)

- Christopher

Quoting "SUBRAHMANYAM,VEENA (HP-MountainView,ex1)" <veena_subrahmanyam@hp.com>:

> Hi
> 
> I have been experiencing some problems using JCE, in the tomcat
> environment.
> 
> I am using tomcat 3.2.2, and JCE 1.2.1., xerces_1_4_1.jar, cocoon 2.0
> ...
> 
> I am using JCE to encrypt and decrypt some XML docs. The program to
> encrypt
> and decrypt works in standalone mode. But when it is run within the
> servlet
> env, an "java.lang.SecurityException: Cannot set up certs for trusted
> CAs"
> exception is thrown at the the following lines of code: 
>  Cipher cipherDes = Cipher.getInstance("DES/ECB/PKCS5Padding");
>  secretKeyDesKey = KeyGenerator.getInstance("DES").generateKey();
> 
> (the detailed stack trace is pasted at the bottom of this email)
> 
> I have found that this exception has been reported to be thrown, by
> various
> people, in the tomcat archives, due to classloader hierarchy problems,
> JarURLConnection / WARConnection clashes etc.
> I have found emails that allude to a fix, if some set of these jars
> are
> placed in the tomcat-home/lib dir instead of the
> tomcat-home/webapps/cocoon/web-inf/lib dir, but have not been able to
> locate
> further info....(my JCE 1.2.1 related jars, xerces.jar, etc are all in
> the
> tomcat-home/webapps/cocoon/web-inf/lib directory).
> 
> I think this, or a flavor of this problem is a known bug in tomcat...
> 
> Can someone, give me a workaround or a fix or a guestimate for the
> resolution?
> 
> Thanx in advance..
> 
> Veena
> 
> P.s:
>  The exception I get is as follows: 
> ------------------------------------------------------------
> 2001-08-29 07:09:13 - Ctx( /cocoon ): Exception in: R( /cocoon +
> /request1 +
> null) - java.lang.ExceptionInInitializerError:
> java.lang.SecurityException:
> Cannot set up certs for trusted CAs
>         at javax.crypto.b.<clinit>([DashoPro-V1.2-120198])
>         at javax.crypto.Cipher.getInstance([DashoPro-V1.2-120198])
>         at
> org.apache.cocoon.transformation.XmlEncryptor.encryptElement(XMLEncryptionTr
> ansformer.java:453)
>         at
> org.apache.cocoon.transformation.XmlEncryptor.encryptChildNodes(XMLEncryptio
> nTransformer.java:335)
>         at
> org.apache.cocoon.transformation.XmlEncryptor.encrypt(XMLEncryptionTransform
> er.java:295)
>         at
> org.apache.cocoon.transformation.XMLEncryptionTransformer.endElement(XMLEncr
> yptionTransformer.java:154)
>         at
> org.apache.xerces.parsers.SAXParser.endElement(SAXParser.java:1403)
>         at
> org.apache.xerces.validators.common.XMLValidator.callEndElement(XMLValidator
> .java:1385)
>         at
> org.apache.xerces.framework.XMLDocumentScanner$ContentDispatcher.dispatch(XM
> LDocumentScanner.java:1205)
>         at
> org.apache.xerces.framework.XMLDocumentScanner.parseSome(XMLDocumentScanner.
> java:381)
>         at
> org.apache.xerces.framework.XMLParser.parse(XMLParser.java:952)
>         at
> org.apache.cocoon.components.parser.JaxpParser.parse(JaxpParser.java:72)
>         at
> org.apache.cocoon.generation.StreamGenerator.generate(StreamGenerator.java:1
> 09)......
> 
> ----------------------------------------
>  
> 

Mime
View raw message