Illegal Key Size

Help
Noel
2014-01-23
2014-01-24
  • Noel
    Noel
    2014-01-23

    Hi !

    I have a problem when I want to generate Administrator Certificate :

    Exception:
    java.io.IOException: exception encrypting data - java.security.InvalidKeyException: Illegal key size
    at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.wrapKey(Unknown Source)
    at org.bouncycastle.jce.provider.JDKPKCS12KeyStore.engineStore(Unknown Source)
    at java.security.KeyStore.store(KeyStore.java:1117)
    at org.ejbca.ui.web.pub.RequestInstance.sendP12Token(RequestInstance.java:662)
    at org.ejbca.ui.web.pub.RequestInstance.doPost(RequestInstance.java:310)
    at org.ejbca.ui.web.pub.CertReqServlet.doPost(CertReqServlet.java:117)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
    at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
    at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
    at java.lang.Thread.run(Thread.java:662)

    It's my third installation of EJBCA and it's the first time that I have this problem.

    I check JCE Policy and it's ok.

    I used :
    - JDK 6u45
    - JCE Policy 6 (2 JAR files copied in %JAVA_HOME%\jre\lib\security)
    - JBOSS 5.1.0 (
    - Apache Ant 1.9.2
    - EJBCA 4.0.16
    - MySQL Connector 5.1.28 and copied in %JBOSS_HOME%\server\default\lib
    - MySQL 5.6.15.0

    Thanks for your help !

     
  • Illegal key size is always due to Oracle JDK policy files. My best suggestion is that I think you are using Windows, and then there are two places where you have to put policy files.

     
    • Noel
      Noel
      2014-01-23

      Ok, I need to do a new installation or just change this 2 files ?
      Yes, I using Windows.
      So, I need to put 2 files in :
      - C:\Program Files (x86)\Java\jre6\lib\security
      AND
      - C:\Program Files (x86)\Java\jdk1.6.0_45\jre\lib\security ??

      Today I put this files only in C:\Program Files (x86)\Java\jre6\lib\security
      Like my other installation and it's works perfectly before.

       
  • Noel
    Noel
    2014-01-24

    It's ok. It was not a problem with JCE but with extendedkeyusage.properties who wasn't create.