tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "SUBRAHMANYAM,VEENA (HP-MountainView,ex1)" <veena_subrahman...@hp.com>
Subject RE: Cannot set up certs for trusted CAs exception ( JCE and tomca t an d cocoon2.0)
Date Thu, 30 Aug 2001 18:14:03 GMT
I tried out your  following suggestions on tomcat 3.2.2 - No luck ;-)
 1. I placed the JCE1.2.1.jar and the jce-provider.jar the tomcat.home/lib,
and jre/lib/ext, and the webInf/dir.- No luck
 2. I placed the  following line in the server.xml file.
    <RequestInterceptor
className="org.apache.tomcat.request.Jdk12Interceptor" /> (This is all I
have to do, in order to add    the Jdk12Interceptor. Right?)
 3. My classpath and path point to jdk1.3 properly.

I installed the 3.3beta1 . I like it!! but No Luck ;-)
 1. Since I need to run Cocoon, I replaced the jaxp.jar, and Crimson.jar
with the xerces.jar.
 2. All my jars are in web-inf  - no luck
 3. copied the 2 jce jars and xerces into tomcat /lib and into jre/lib/ext -
no luck

Help!!

Thanx
:-)

Veena

P.S: I don't know if you are interested in scanning the code, but I am
attaching it just in case....
It is a cocoon transformer. but the lines that are generateing the erro, are
lines 453 and on. (i.e)
            Cipher cipherDes = Cipher.getInstance("DES/ECB/PKCS5Padding");
            secretKeyDesKey = KeyGenerator.getInstance("DES").generateKey();
            cipherDes.init(Cipher.ENCRYPT_MODE, secretKeyDesKey);


The exception is as follows: 
----------------------------------------------------------------------------
------------
Internal Servlet Error:

java.lang.ExceptionInInitializerError: java.lang.SecurityException: Cannot
set up certs for trusted CAs
	at javax.crypto.b.([DashoPro-V1.2-120198])
	at javax.crypto.Cipher.getInstance([DashoPro-V1.2-120198])
	at
org.apache.cocoon.transformation.XmlEncryptor.encryptElement(XMLEncryptionTr
ansformer.java:453)
	at
org.apache.cocoon.transformation.XmlEncryptor.encryptChildNodes(XMLEncryptio
nTransformer.java:335)
	at
org.apache.cocoon.transformation.XmlEncryptor.encrypt(XMLEncryptionTransform
er.java:295)
	at
org.apache.cocoon.transformation.XMLEncryptionTransformer.endElement(XMLEncr
yptionTransformer.java:154)
	at
org.apache.xerces.parsers.SAXParser.endElement(SAXParser.java:1403)
	at
org.apache.xerces.validators.common.XMLValidator.callEndElement(XMLValidator
.java:1436)
	at
org.apache.xerces.framework.XMLDocumentScanner$ContentDispatcher.dispatch(XM
LDocumentScanner.java:1205)
	at
org.apache.xerces.framework.XMLDocumentScanner.parseSome(XMLDocumentScanner.
java:381)
	at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:1035)
	at
org.apache.cocoon.components.parser.JaxpParser.parse(JaxpParser.java:72)
	at
org.apache.cocoon.generation.StreamGenerator.generate(StreamGenerator.java:1
09)
	at
org.apache.cocoon.components.pipeline.CachingEventPipeline.process(CachingEv
entPipeline.java:217)
	at
org.apache.cocoon.components.pipeline.CachingStreamPipeline.process(CachingS
treamPipeline.java:361)
	at
org.apache.cocoon.www.file_C_.jakarta_tomcat_3_3_b1.webapps.cocoon.sitemap_x
map.wildcardMatchN4E6(sitemap_xmap.java:6262)
	at
org.apache.cocoon.www.file_C_.jakarta_tomcat_3_3_b1.webapps.cocoon.sitemap_x
map.process(sitemap_xmap.java:2497)
	at
org.apache.cocoon.www.file_C_.jakarta_tomcat_3_3_b1.webapps.cocoon.sitemap_x
map.process(sitemap_xmap.java:2103)
	at org.apache.cocoon.sitemap.Handler.process(Handler.java:160)
	at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:103)
	at org.apache.cocoon.Cocoon.process(Cocoon.java:423)
	at
org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:507)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java)



 


-----Original Message-----
From: cmanolache@yahoo.com [mailto:cmanolache@yahoo.com]
Sent: Wednesday, August 29, 2001 10:15 PM
To: 'tomcat-dev@jakarta.apache.org'
Cc: 'tec@orion.nsr.hp.com'
Subject: Re: Cannot set up certs for trusted CAs exception ( JCE and
tomcat an d cocoon2.0)


Hi,

Try to place JCE/JSSE in tomcat.home/lib, or even better in the
jre/lib/ext - and see if this solved the problem. My guess - it's related
to some code doing a Class.forName() instead of using the context class
loader or the context loader is not set.( for 3.2.x you _must_ add the
Jdk12Interceptor if you want the context class loader set. If you haven't
- that should be the first step. )

You could also try with 3.3beta1 - class loader has been completely
redesigned and works pretty well now. I have no problems with JSSE ( I
tested it today )

Costin



On Wed, 29 Aug 2001, SUBRAHMANYAM,VEENA (HP-MountainView,ex1) wrote:

> Hi
>
> I have been experiencing some problems using JCE, in the tomcat
environment.
>
> I am using tomcat 3.2.2, and JCE 1.2.1., xerces_1_4_1.jar, cocoon 2.0 ...
>
> I am using JCE to encrypt and decrypt some XML docs. The program to
encrypt
> and decrypt works in standalone mode. But when it is run within the
servlet
> env, an "java.lang.SecurityException: Cannot set up certs for trusted CAs"
> exception is thrown at the the following lines of code:
>  Cipher cipherDes = Cipher.getInstance("DES/ECB/PKCS5Padding");
>  secretKeyDesKey = KeyGenerator.getInstance("DES").generateKey();
>
> (the detailed stack trace is pasted at the bottom of this email)
>
> I have found that this exception has been reported to be thrown, by
various
> people, in the tomcat archives, due to classloader hierarchy problems,
> JarURLConnection / WARConnection clashes etc.
> I have found emails that allude to a fix, if some set of these jars are
> placed in the tomcat-home/lib dir instead of the
> tomcat-home/webapps/cocoon/web-inf/lib dir, but have not been able to
locate
> further info....(my JCE 1.2.1 related jars, xerces.jar, etc are all in the
> tomcat-home/webapps/cocoon/web-inf/lib directory).
>
> I think this, or a flavor of this problem is a known bug in tomcat...
>
> Can someone, give me a workaround or a fix or a guestimate for the
> resolution?
>
> Thanx in advance..
>
> Veena
>
> P.s:
>  The exception I get is as follows:
> ------------------------------------------------------------
> 2001-08-29 07:09:13 - Ctx( /cocoon ): Exception in: R( /cocoon + /request1
+
> null) - java.lang.ExceptionInInitializerError:
java.lang.SecurityException:
> Cannot set up certs for trusted CAs
>         at javax.crypto.b.<clinit>([DashoPro-V1.2-120198])
>         at javax.crypto.Cipher.getInstance([DashoPro-V1.2-120198])
>         at
>
org.apache.cocoon.transformation.XmlEncryptor.encryptElement(XMLEncryptionTr
> ansformer.java:453)
>         at
>
org.apache.cocoon.transformation.XmlEncryptor.encryptChildNodes(XMLEncryptio
> nTransformer.java:335)
>         at
>
org.apache.cocoon.transformation.XmlEncryptor.encrypt(XMLEncryptionTransform
> er.java:295)
>         at
>
org.apache.cocoon.transformation.XMLEncryptionTransformer.endElement(XMLEncr
> yptionTransformer.java:154)
>         at
> org.apache.xerces.parsers.SAXParser.endElement(SAXParser.java:1403)
>         at
>
org.apache.xerces.validators.common.XMLValidator.callEndElement(XMLValidator
> .java:1385)
>         at
>
org.apache.xerces.framework.XMLDocumentScanner$ContentDispatcher.dispatch(XM
> LDocumentScanner.java:1205)
>         at
>
org.apache.xerces.framework.XMLDocumentScanner.parseSome(XMLDocumentScanner.
> java:381)
>         at org.apache.xerces.framework.XMLParser.parse(XMLParser.java:952)
>         at
> org.apache.cocoon.components.parser.JaxpParser.parse(JaxpParser.java:72)
>         at
>
org.apache.cocoon.generation.StreamGenerator.generate(StreamGenerator.java:1
> 09)......
>
> ----------------------------------------
>
>


Mime
View raw message