Menu
▾
▴
Re: [Trustedjava-support] Problem with validation of AIK Certificate
|
From: Martin P. <Mar...@ia...> - 2009-06-15 07:43:20
|
Have a nice monday morning... dev...@ar... wrote: > - Debugging the server part, which leads me to the following exception in the file ValidateCertFile.java function validate > Signature decryption error: javax.crypto.BadPaddingException: Invalid PKCS#1 padding: encrypted message and modulus lengths do not match! Decryption failure with PKCS#1 padding errors typically occur when one uses the wrong key for decryption. E.g., you receive the same error if you want to try our demo server setup to create an AIK certificate, but use the credentials which are included in the apki package and not the matching ones from the demo server homepage. Why this happens in your setup with just aik_validate I can't say, have a look at your configuration which certificate (chains) are actually loaded and used for validation. As you can see from the validation module code it is very basic. In a real production setup one would hook up an industrial PKI validation module, but that wasn't the primary development goal for this experimental prototype PrivacyCA setup. HTH, Martin |
