You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Lalit Sahoo <la...@sonata-software.com> on 2007/03/13 11:35:33 UTC
public key protected PKCS12 not supported
Hi All,
I am using HttpClient 3.0 and Tomcat web server.
I am implementing certificate-based client authentication over SSL.
For this I have created a client certificate "client2.p12" by using
OpenSSL tool.
When I am loading this certificate by keystore.load (inputstream,
password) it works fine.
But when I doing following steps then I am getting exception as given
below.
Can anybody help me in resolving this issue?
1. Reading the certificate file and storing the data as a String.
2. Then creating ByteArrayInputStream from this String and passing the
input stream to keystore.load().
SEVERE: I/O error reading keystore/truststore file:
java.io.IOException: public key protected PKCS12 not supported
at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(Unknown
Source)
at java.security.KeyStore.load(Unknown Source)
at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createKeySto
re(AuthSSLProtocolSocketFactory.java:317)
at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createSSLCon
text(AuthSSLProtocolSocketFactory.java:401)
at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.getSSLContex
t(AuthSSLProtocolSocketFactory.java:523)
at
com.cramer.agent.protocol.http.AuthSSLProtocolSocketFactory.createSocket
(AuthSSLProtocolSocketFactory.java:544)
at
org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:70
6)
at
com.cramer.agent.protocol.http.HttpProtocol.connect(HttpProtocol.java:92
4)
at
com.cramer.agents.integration.http.HttpImplTest.testTwoWaySSLWithCertAut
hentication(HttpImplTest.java:1272)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at junit.framework.TestCase.runTest(TestCase.java:164)
at junit.framework.TestCase.runBare(TestCase.java:130)
at junit.framework.TestResult$1.protect(TestResult.java:106)
at junit.framework.TestResult.runProtected(TestResult.java:124)
at junit.framework.TestResult.run(TestResult.java:109)
at junit.framework.TestCase.run(TestCase.java:120)
at junit.framework.TestSuite.runTest(TestSuite.java:230)
at junit.framework.TestSuite.run(TestSuite.java:225)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTe
stRunner.java:478)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRun
ner.java:344)
at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRu
nner.java:196)
Regards,
Lalit
Re: public key protected PKCS12 not supported
Posted by Roland Weber <RO...@de.ibm.com>.
Hello Lalit,
> 1. Reading the certificate file and storing the data as a String.
> 2. Then creating ByteArrayInputStream from this String and passing the
> input stream to keystore.load().
Certificate files are binary data and NOT strings. Store
the data in a byte array and don't convert it to string.
By the way, this is a mailing list for HttpClient questions,
not for SSL or PKCS questions.
regards,
Roland