Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#2 cannot export keypair as pkcs12

open
nobody
None
5
2005-11-21
2005-11-21
Ralf Hauser
No

java.security.UnrecoverableKeyException: Cannot recover key
sun.security.provider.KeyProtector.recover(KeyProtector.java:301)
sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:103)
java.security.KeyStore.getKey(KeyStore.java:731)
net.sf.portecle.FPortecle.exportPrivKeyCertChain(Unknown
Source)
net.sf.portecle.FPortecle.exportSelectedEntry(Unknown
Source)
net.sf.portecle.FPortecle.access$4400(Unknown Source)
net.sf.portecle.FPortecle$47.run(Unknown Source)
java.lang.Thread.run(Thread.java:595)

I was able to do a "Save Keystore As".
Unfortunately, I cannot give you the keystore for
testing since the private key is still in use, but this
keystore-report may give you some evidence on what type
of key we are dealing with:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE keystore PUBLIC "-//Portecle//DTD KeyStore
Report 1.0//EN"
"http://portecle.sourceforge.net/xml/keystore.dtd">
<keystore provider="SUN" type="JKS">
<entry alias="smtp.privasphere.com"
creation_date="Nov 24, 2004 9:08:15 AM" type="KeyPair">
<certificate>
<version>3</version>
<subject>EMAILADDRESS=info@privasphere.com,
CN=smtp.privasphere.com, OU=Secure Messaging,
O=PrivaSphere GmbH, L=Zurich, ST=ZH, C=CH</subject>
<issuer>EMAILADDRESS=certificate@trustcenter.de,
OU=TC TrustCenter Class 3 CA, O=TC TrustCenter for
Security in Data Networks GmbH, L=Hamburg, ST=Hamburg,
C=DE</issuer>

<serial_number>36DF000000027FBC5193A605086F</serial_number>
<valid_from>Oct 14, 2004 12:55:28 PM</valid_from>
<valid_until>Nov 28, 2005 11:55:28 AM</valid_until>
<public_key_algorithm>RSA (1024
bits)</public_key_algorithm>

<signature_algorithm>SHA1withRSA</signature_algorithm>

<md5_fingerprint>24:6D:D7:1E:52:16:7E:E1:F1:3C:29:72:F9:7A:6F:20</md5_fingerprint>

<sha1_fingerprint>FE:BF:37:20:D4:48:92:3A:FF:94:F0:00:BE:E3:80:D5:1A:F4:A3:AC</sha1_fingerprint>
</certificate>
</entry>
</keystore>

Discussion

  • Ralf Hauser
    Ralf Hauser
    2005-11-22

    Logged In: YES
    user_id=266141

    didn't work either with sun's keytool:

    $JAVA_HOME/bin/keytool.exe
    -keyclone -alias smtp.privasphere.com -dest
    new -keypass changeit -new changeit -storetype JKS
    -keystore james.ks
    -storepass changeit -v
    keytool error: java.security.UnrecoverableKeyException:
    Cannot recover key

     
  • Ralf Hauser
    Ralf Hauser
    2005-11-22

    Logged In: YES
    user_id=266141

    I created the keystore with jdk 1.4 and now I am trying to
    decrypt it with jdk1.5

    or could it be that the key password is wrong...

     
  • Ville Skyttä
    Ville Skyttä
    2006-03-06

    Logged In: YES
    user_id=32457

    Sorry for the delay, I thought email notifications for
    sf.net tracker items were enabled, but turns out they
    were not.

    It looks like the validity period of the certificate has
    passed now. In case you still have it around, could you
    send it to me for testing? (Private mail is ok too.)