(no subject)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

(no subject)

Marcin Cinik
I was trying to set key entry in the key store:

        keyStore.setKeyEntry(alias, key, pass, chain);

where chain is an array of two certificates: new X509Certificate[] {cert,
caCert}
caCert - trusted entity's certificate
cert - issued certificate

And I get:

java.security.KeyStoreException: Key protection  algorithm not
foundjava.security.KeyStoreException: Certificate chain is not validate
        at
com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineSetKeyEntry(Unknown
Source)
        at java.security.KeyStore.setKeyEntry(Unknown Source)
        at pl.pbpolsoft.ca.tests.keygenerator.KG2.storeKeys(KG2.java:119)
        at pl.pbpolsoft.ca.tests.keygenerator.KG2.main(KG2.java:153)
Caused by: java.security.KeyStoreException: Certificate chain is not
validate
        ... 4 more


Reply | Threaded
Open this post in threaded view
|

Re: [dev-crypto]

David Hook-4
I think this indicates that the issued cert cannot be recognised as
being issued by the caCert. You need to check how the issued certificate
is being created, it sounds like the two certificates fail to form a
valid certificate path.

Regards,

David

On Sun, 2005-08-28 at 19:09 +0200, Marcin Cinik wrote:

> I was trying to set key entry in the key store:
>
> keyStore.setKeyEntry(alias, key, pass, chain);
>
> where chain is an array of two certificates: new X509Certificate[] {cert,
> caCert}
> caCert - trusted entity's certificate
> cert - issued certificate
>
> And I get:
>
> java.security.KeyStoreException: Key protection  algorithm not
> foundjava.security.KeyStoreException: Certificate chain is not validate
> at
> com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineSetKeyEntry(Unknown
> Source)
> at java.security.KeyStore.setKeyEntry(Unknown Source)
> at pl.pbpolsoft.ca.tests.keygenerator.KG2.storeKeys(KG2.java:119)
> at pl.pbpolsoft.ca.tests.keygenerator.KG2.main(KG2.java:153)
> Caused by: java.security.KeyStoreException: Certificate chain is not
> validate
> ... 4 more
>
>