From: Carolin L. <car...@un...> - 2008-01-16 15:06:29
|
Hi all, I have another Java problem... meanwhile I copied tccert into the resources directory and adapted iaik_xkms.jar according to Martins Mail. Finally, I checked that I have JCE and the signed iaik_jce.jar. The example with ca.ini works, but I am not able to use certs.ini: ./tccert.sh -i ca certs.ini ***************************************************************************** *** *** *** Welcome to the IAIK JCE Library *** *** *** *** This version of IAIK-JCE is licensed for evaluation, education, *** *** research, and use in open-source projects only. *** *** Commercial use of this software is prohibited. *** *** For details please see http://jce.iaik.tugraz.at/sales/. *** *** This message does not appear in the registered commercial version. *** *** *** ***************************************************************************** generating CA certificates... CAroot 16:03:28:845 [INFO] CACertificate::<init> (49): generating RSA KeyPair for CA certificate... 16:03:28:847 [INFO] CACertificate::<init> (56): privatekeysize not specified, using default 2048 bits 16:03:30:002 [WARN] Common::parseName (70): 'country' property for distinguished name expected 16:03:30:002 [WARN] Common::parseName (77): 'organization' property for distinguished name expected 16:03:30:003 [WARN] Common::parseName (84): 'organizationalUnit' property for distinguished name expected 16:03:30:003 [WARN] Common::parseName (91): 'commonName' property for distinguished name expected Exception in thread "main" java.lang.IllegalArgumentException: distinguished name object must not be empty, cannot build Name object at iaik.tc.cert.common.Common.parseName(Common.java:95) at iaik.tc.cert.CACertificate.<init>(CACertificate.java:67) at iaik.tc.TCcert.generateCA(TCcert.java:243) at iaik.tc.TCcert.main(TCcert.java:118) It seems, that I have another configuration problem... BTW I compared certs.ini with ca.ini, but I don't see the problem... Any hints are appreciated Regards Carolin Carolin Latze wrote: > Hi Martin, > > thanks for the immediate reply. I got it working now. You were right, I > had to replace iaik-jce. I used the signed version for pca, but for > certificate creation I use a seperate tccert installation, which didn't > use the signed jar. Thanks for the hint > > Btw I read already your older mail, but I am not that far with my setup > atm :-) > > Regards > Carolin > > Martin Pirker wrote: > >> Hi... >> >> Carolin Latze wrote: >> >> >>> ./tccert.sh -i ca ca.ini >>> >>> >> [...] >> >> >>> generating CA certificates... >>> CAroot >>> 15:07:09:783 [INFO] CACertificate::<init> (49): generating RSA KeyPair >>> for CA certificate... >>> 15:07:16:902 [INFO] CACertificate::<init> (74): root CA cert ---> >>> issuerDN = subjectDN >>> Exception in thread "main" iaik.utils.InternalErrorException: >>> PBEParameterSpec type required >>> at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source) >>> at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source) >>> at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source) >>> at iaik.tc.cert.common.Common.writePrivateKeyToFile(Common.java:363) >>> at iaik.tc.TCcert.generateCA(TCcert.java:247) >>> at iaik.tc.TCcert.main(TCcert.java:118) >>> >>> >> [...] >> >> >> >>> Does anybody have an idea whats going wrong here? >>> >>> >> I am unable to reproduce your problem: >> >> .../testtccert/tccert-0.2.2$ java -version >> java version "1.6.0_03" >> Java(TM) SE Runtime Environment (build 1.6.0_03-b05) >> Java HotSpot(TM) Client VM (build 1.6.0_03-b05, mixed mode, sharing) >> >> .../tccert-0.2.2$ ./tccert.sh -i ca ca.ini >> *** *** >> *** Welcome to the IAIK JCE Library *** >> *** *** >> *** This version of IAIK JCE is licensed for educational and research use *** >> *** and evaluation only. Commercial use of this software is prohibited. *** >> *** For details please see http://jce.iaik.tugraz.at/sales/licences/. *** >> *** This message does not appear in the registered commercial version. *** >> *** *** >> >> generating CA certificates... >> CAroot >> 14:14:16:263 [INFO] CACertificate::<init> (49): generating RSA KeyPair for CA certificate... >> 14:14:19:132 [INFO] CACertificate::<init> (74): root CA cert ---> issuerDN = subjectDN >> CApe >> 14:14:19:926 [INFO] CACertificate::<init> (49): generating RSA KeyPair for CA certificate... >> 14:14:25:328 [INFO] CACertificate::<init> (71): derived CA cert >> CAek >> 14:14:25:440 [INFO] CACertificate::<init> (49): generating RSA KeyPair for CA certificate... >> 14:14:28:441 [INFO] CACertificate::<init> (71): derived CA cert >> CAaik >> 14:14:28:521 [INFO] CACertificate::<init> (49): generating RSA KeyPair for CA certificate... >> 14:14:33:813 [INFO] CACertificate::<init> (71): derived CA cert >> ...done >> >> >> >> Common problems: >> * Are you sure you use the signed(!) version of IAIK-JCE? >> * Are you sure you installed the "unlimited strength encryption" policy files >> for Java? >> >> >> As a future help, please also read my mail "XKMS 0.2 + Java 6" from 21.08.2007 >> on this mailing list. I attached "IAIK.class" again to this mail for your convenience. >> >> >> HTH, >> Martin >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by: Microsoft >> Defy all challenges. Microsoft(R) Visual Studio 2008. >> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Trustedjava-support mailing list >> Tru...@li... >> https://lists.sourceforge.net/lists/listinfo/trustedjava-support >> >> > > |