You are viewing a plain text version of this content. The canonical link for it is here.

Posted to httpclient-users@hc.apache.org by Lalit Sahoo <la...@sonata-software.com> on 2007/03/13 11:35:33 UTC

public key protected PKCS12 not supported

Hi All,

 

I am using HttpClient 3.0 and Tomcat web server.

I am implementing certificate-based client authentication over SSL.

 

For this I have created a client certificate "client2.p12" by using
OpenSSL tool.

 

When I am loading this certificate by keystore.load (inputstream,
password) it works fine.

 

But when I doing following steps then I am getting exception as given
below.

Can anybody help me in resolving this issue?

 

1. Reading the certificate file and storing the data as a String.

 

2. Then creating ByteArrayInputStream from this String and passing the
input stream to keystore.load().

 

SEVERE: I/O error reading keystore/truststore file: 

java.io.IOException: public key protected PKCS12 not supported

      at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(Unknown
Source)

      at java.security.KeyStore.load(Unknown Source)

      at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createKeySto
re(AuthSSLProtocolSocketFactory.java:317)

      at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createSSLCon
text(AuthSSLProtocolSocketFactory.java:401)

      at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.getSSLContex
t(AuthSSLProtocolSocketFactory.java:523)

      at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createSocket
(AuthSSLProtocolSocketFactory.java:544)

      at
org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:70
6)

      at
com.cramer.agent.protocol.http.HttpProtocol.connect(HttpProtocol.java:92
4)

      at
com.cramer.agents.integration.http.HttpImplTest.testTwoWaySSLWithCertAut
hentication(HttpImplTest.java:1272)

      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

      at java.lang.reflect.Method.invoke(Unknown Source)

      at junit.framework.TestCase.runTest(TestCase.java:164)

      at junit.framework.TestCase.runBare(TestCase.java:130)

      at junit.framework.TestResult$1.protect(TestResult.java:106)

      at junit.framework.TestResult.runProtected(TestResult.java:124)

      at junit.framework.TestResult.run(TestResult.java:109)

      at junit.framework.TestCase.run(TestCase.java:120)

      at junit.framework.TestSuite.runTest(TestSuite.java:230)

      at junit.framework.TestSuite.run(TestSuite.java:225)

      at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTe
stRunner.java:478)

      at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRun
ner.java:344)

      at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRu
nner.java:196)

 

Regards,

Lalit

Re: public key protected PKCS12 not supported

Posted by Roland Weber <RO...@de.ibm.com>.

Hello Lalit,

> 1. Reading the certificate file and storing the data as a String.
> 2. Then creating ByteArrayInputStream from this String and passing the
> input stream to keystore.load().

Certificate files are binary data and NOT strings. Store
the data in a byte array and don't convert it to string.

By the way, this is a mailing list for HttpClient questions,
not for SSL or PKCS questions.

regards,
  Roland