tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: 5.0.18 + keytool
Date Fri, 20 Feb 2004 17:08:30 GMT
Yes, your message is getting through. I've never had that error, 
although I have almost the same config as you. I assume you've googled 
as well?

On 02/20/2004 05:14 PM Stewart Walker wrote:
> Wondering if I my message is getting out there as as I've seen no 
> response.  Going to try again.
> 
> Could really use your help getting past the below error while
> trying to setup/import a server certificate.
> 
> The required jsse jar files are in
> $JAVA_HOME/jre/lib/ext
> 
> The IBMJava was installed during the Linux install. As far
> as I can tell it isn't running anything and $JAVA_HOME/bin
> is first in the path. But I still wonder.
> 
> keytool was run by root in $JAVA_HOME/bin
> 
> Haven't done anything with apache yet our web based servlet app is
> working on 8080 with tomcat.
> Thanks.
> 
> Linux ES 2.1
> 249-e.37 kernel
> j2sdk1.4.2_03
> tomcat5.0.18
> 
> $PATH
> 
> /usr/kerberos/sbin:
> /usr/kerberos/bin:
> /usr/java/j2sdk1.4.2_03/bin:
> /opt/IBMJava2-131/bin:
> /opt/IBMJava2-131/jre/bin:
> /usr/local/sbin:/sbin:/usr/sbin:
> /bin:/usr/bin:/usr/bin/X11:
> /usr/local/bin:
> /usr/bin:
> /usr/X11R6/bin:
> /root/bin:
> 
> [root@]# ps aux |grep java
> root      2985 27.0  0.7 246712 29368 pts/5  S    08:38   0:04
> /usr/java/j2sdk1.
> root      2986  0.0  0.7 246712 29368 pts/5  S    08:38   0:00
> /usr/java/j2sdk1.
> this is just a snipit..
> 
> [root@ssl/ca]#ls -l
> -rwxr-xr-x    1 root     apache        785 Feb 18 10:16 ca.csr
> -rwxr-xr-x    1 root     apache        887 Feb 18 10:16 ca.key
> -rwxr-xr-x    1 root     apache       1066 Feb 18 10:17 ca.pem
> 
> 
> root@bin]# openssl req -new -newkey /
> rsa:1024 -nodes -out /usr/java/ssl/ca/ca.csr /
> -keyout /usr/java/ssl/ca/ca.key
> Using configuration from /usr/share/ssl/openssl.cnf
> Generating a 1024 bit RSA private key
> .............++++++
> ......++++++
> writing new private key to '/usr/java/ssl/ca/ca.key'
> -----
> ok works fine
> 
> root@bin]# openssl x509 -trustout /
> -signkey /usr/java/ssl/ca/ca.key /
> -days 720 -req -in /usr/java/ssl/ca/ca.csr /
> -out /usr/java/ssl/ca/ca.pem
> Signature ok
> subject=/C=US/ST=state/L=city/O=City state/OU=dept/CN=computer/Email=email
> Getting Private key
> ok works fine
> 
> root@bin]# keytool -import -keystore /
> $JAVA_HOME/jre/lib/security/cacerts /
> -file /usr/java/ssl/ca/ca.pem -alias test_ca
> Enter keystore password:  changeit
> Exception in thread "main" java.lang.ExceptionInInitializerError
>         at javax.crypto.Cipher.a(DashoA6275)
>         at javax.crypto.Cipher.getInstance(DashoA6275)
>         at
> com.baltimore.jcrypto.provider.crypto.signatures.RSASignature.<init>([DashoPro-
> V1.3-013000])
>         at
> com.baltimore.jcrypto.provider.crypto.signatures.JCRYPTO_RSAwithMD5Signature.
> <init>([DashoPro-V1.3-013000])
>         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method)
> 
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorI
> mpl.java:39)
>         at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructor
> AccessorImpl.java:27)
>         at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
>         at java.lang.Class.newInstance0(Class.java:308)
>         at java.lang.Class.newInstance(Class.java:261)
>         at java.security.Security.doGetImpl(Security.java:1137)
>         at java.security.Security.doGetImpl(Security.java:1084)
>         at java.security.Security.getImpl(Security.java:1045)
>         at java.security.Signature.getInstance(Signature.java:169)
>         at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:425)
>         at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:383)
>         at sun.security.tools.KeyTool.addTrustedCert(KeyTool.java:1251)
>         at sun.security.tools.KeyTool.doCommands(KeyTool.java:512)
>         at sun.security.tools.KeyTool.run(KeyTool.java:124)
>         at sun.security.tools.KeyTool.main(KeyTool.java:118)
> Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
>         at javax.crypto.SunJCE_b.<clinit>(DashoA6275)
>         ... 20 more
> Caused by: java.security.PrivilegedActionException:
> java.security.cert.CertificateException: OIDs::getInstance() - Cannot find
> any
> provider
> supporting RSA
>         at java.security.AccessController.doPrivileged(Native Method)
>         ... 21 more
> Caused by: java.security.cert.Cer
> tificateException: OIDs::getInstance() - Cannot find
> any provider supporting RSA
>         at
> com.baltimore.jpkiplus.x509.JCRYPTO_X509Certificate.verify([DashoPro-
> V1.3-013000])
>         at javax.crypto.SunJCE_b.c(DashoA6275)
>         at javax.crypto.SunJCE_b.b(DashoA6275)
>         at javax.crypto.SunJCE_s.run(DashoA6275)
>         ... 22 more
> 
> 
> 
> 
> 


-- 
struts 1.1 + tomcat 5.0.16 + java 1.4.2
Linux 2.4.20 Debian


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message