You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Arieh Markel <Ar...@central.sun.com> on 2000/10/04 21:51:38 UTC

SSL Key generation problem

Probably I am missing the obvious.

When trying to debug my application with the latest 3.2 (downloaded today)
and trying to test SSL, I am failing to generate the keystore.

The following is the error I am seeing:

: amarkel@forechek [1097]; keytool -genkey -alias tomcat -keyalg RSA
Enter keystore password:  changeit
keytool error: KeyPairGenerator not available


Here are the relevant portions of the CLASSPATH:

/ws/sx1.0-tools/jakarta/v3.2-6/dist/jakarta-tomcat/lib/webserver.jar:/ws/sx1.0-t
ools/jakarta/v3.2-6/dist/jakarta-tomcat/lib/servlet.jar:/ws/sx1.0-tools/jakarta/
v3.2-6/dist/jakarta-tomcat/lib/parser.jar:/ws/sx1.0-tools/jakarta/v3.2-6/dist/ja
karta-tomcat/lib/jaxp.jar:/ws/sx1.0-tools/jakarta/v3.2-6/dist/jakarta-tomcat/lib
/jasper.jar:/ws/sx1.0-tools/JDK-JTG-RELEASES/Solaris_JDK_1.2.2_05a/lib/tools.jar
:/ws/sx1.0-tools/SUPPORT_PKGS/jsse/jsse1.0.2_gl/lib/jsse.jar:/ws/sx1.0-tools/SUP
PORT_PKGS/jsse/jsse1.0.2_gl/lib/jnet.jar:/ws/sx1.0-tools/SUPPORT_PKGS/jsse/jsse1
.0.2_gl/lib/jcert.jar:/ws/sx1.0-tools/SUPPORT_PKGS/jce/jce1.2.1/lib/jce1_2_1.jar
:/ws/sx1.0-tools/SUPPORT_PKGS/jce/jce1.2.1/lib/sunjce_provider.jar:.

Which to make it clear includes:

	jsse.jar
	jnet.jar
	jcert.jar
	jce1_2_1.jar
	sunjce_provider.jar

I set the jre/lib/security/java.security file as indicated.

I am running with JDK 1.2.2.05a.

Any ideas of what I am doing incorrectly ?

Thanks,

Arieh
--
 Arieh Markel		                Sun Microsystems Inc.
 Network Storage                        500 Eldorado Blvd. MS UBRM11-194
 e-mail: arieh.markel@sun.COM           Broomfield, CO 80021
 Let's go Panthers !!!!                 Phone: (303) 272-8547 x78547
 (e-mail me with subject SEND PUBLIC KEY to get public key)

Re: SSL Key generation problem

Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.

When working with 4.0 (which I don't think is relevant -- it's a JSSE issue), I
found that it would only work correctly when I installed the JSSE JAR files as
system extensions (in $JAVA_HOME/jre/lib/ext) -- which is what the JSSE install
instructions say you should do.  I also don't use the JCE libraries.  Do you need
them for your own apps?

Craig



Arieh Markel wrote:

> Probably I am missing the obvious.
>
> When trying to debug my application with the latest 3.2 (downloaded today)
> and trying to test SSL, I am failing to generate the keystore.
>
> The following is the error I am seeing:
>
> : amarkel@forechek [1097]; keytool -genkey -alias tomcat -keyalg RSA
> Enter keystore password:  changeit
> keytool error: KeyPairGenerator not available
>
> Here are the relevant portions of the CLASSPATH:
>
> /ws/sx1.0-tools/jakarta/v3.2-6/dist/jakarta-tomcat/lib/webserver.jar:/ws/sx1.0-t
> ools/jakarta/v3.2-6/dist/jakarta-tomcat/lib/servlet.jar:/ws/sx1.0-tools/jakarta/
> v3.2-6/dist/jakarta-tomcat/lib/parser.jar:/ws/sx1.0-tools/jakarta/v3.2-6/dist/ja
> karta-tomcat/lib/jaxp.jar:/ws/sx1.0-tools/jakarta/v3.2-6/dist/jakarta-tomcat/lib
> /jasper.jar:/ws/sx1.0-tools/JDK-JTG-RELEASES/Solaris_JDK_1.2.2_05a/lib/tools.jar
> :/ws/sx1.0-tools/SUPPORT_PKGS/jsse/jsse1.0.2_gl/lib/jsse.jar:/ws/sx1.0-tools/SUP
> PORT_PKGS/jsse/jsse1.0.2_gl/lib/jnet.jar:/ws/sx1.0-tools/SUPPORT_PKGS/jsse/jsse1
> .0.2_gl/lib/jcert.jar:/ws/sx1.0-tools/SUPPORT_PKGS/jce/jce1.2.1/lib/jce1_2_1.jar
> :/ws/sx1.0-tools/SUPPORT_PKGS/jce/jce1.2.1/lib/sunjce_provider.jar:.
>
> Which to make it clear includes:
>
>         jsse.jar
>         jnet.jar
>         jcert.jar
>         jce1_2_1.jar
>         sunjce_provider.jar
>
> I set the jre/lib/security/java.security file as indicated.
>
> I am running with JDK 1.2.2.05a.
>
> Any ideas of what I am doing incorrectly ?
>
> Thanks,
>
> Arieh
> --
>  Arieh Markel                           Sun Microsystems Inc.
>  Network Storage                        500 Eldorado Blvd. MS UBRM11-194
>  e-mail: arieh.markel@sun.COM           Broomfield, CO 80021
>  Let's go Panthers !!!!                 Phone: (303) 272-8547 x78547
>  (e-mail me with subject SEND PUBLIC KEY to get public key)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org

--
====================
See you at ApacheCon Europe <http://www.apachecon.com>!
Session VS01 (23-Oct 13h00-17h00):  Sun Technical Briefing
Session T06  (24-Oct 14h00-15h00):  Migrating Apache JServ
                                    Applications to Tomcat