[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] [iaik-jce] IAIK Key & Certificate required separately in *.der format for using with WebLogic



>Pl suggest a way to create separate key and cert files correctly
>     in both *.der and *.pem formats
You may use the getEncoded() method of PrivateKey for getting a DER encoding
to be written to a file. For protection use a EncryptedPrivateKeyInfo. For
PEM encoding use the toPemString(java.security.PrivateKey privKey) method of
the iaik.utils.Util class, e.g.:

String pemString = Util.toPEMString(privKey);
fos.write(pemString.getBytes());

For writing the certificates DER encoded, you simply may loop through the
certificate chain and call the writeTo method on each certificate. For PEM
encoding, for each cert you may use the
toPemString(java.security.cert.Certificate cert) method of the
iaik.utils.Util class.

>  In Windows NT Explorer, when we double click on a *.der file
> created using SSLeay tool, we get a Certificate Dialog Box giving...

IAIK KeyAndCertificate is not a standard format. It has been designed before
implementing PKCS#12 for having a format to store key and certificate to one
file. If you want to use the dialog Box described above, create a PKSC12
object and save it to a file. When writing a DER encoded cert chain as
described above you also can view it by "double click".

D. Bratko


-----Ursprüngliche Nachricht-----
Von: Sundar Krishnan <sundark@india.hp.com>
An: <iaik-ssl@iaik.tu-graz.ac.at>; <iaik-jce@iaik.tu-graz.ac.at>
Gesendet: Donnerstag, 03. Juni 1999 13:20
Betreff: [iaik-jce] IAIK Key & Certificate required separately in *.der
format for using with WebLogic


> We have generated RSA 512 bits Key & Certificates with IAIK - both in
> *.pem and *.der formats using CreateCertificates.
>
> 1) To work with WebLogic, we need separate Key and Certificate files.
>     With the KeyAndCertificate's saveTo() method, we get a combined
> file.
>     I therefore tried splitting the *.pem files into 2 parts - one for
> the
>     key and one for the certificate.
>     However, in doing so, I get java.io.EOFException at WebLogic, and
>     hence SSL connection doesn't go through. As an eg, briefly :
>
>     "Not listening for SSL: java.io.IOException:
>     Inconsistent Security Configuration: java.io.EOFException ...."
>
>     Pl suggest a way to create separate key and cert files correctly
>     in both *.der and *.pem formats.
>
> 2) In Windows NT Explorer, when we double click on a *.der file
>     created using SSLeay tool, we get a Certificate Dialog Box giving
>     details, and which also asks us to install with the help of a
> wizard.
>     However, for *.der files created using IAIK, we get an alert box
> saying :
>     "This is an invalid Security Certificate file."
>
> I think the solution to both 1 & 2 above is one common one. Pl suggest.
>
> Thanks in advance.
>
> Sundar Krishnan
>
>
>
> --
> Mailinglist-archive at
http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html
>
> To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the
folowing content: UNSUBSCRIBE iaik-jce
>
>
>


smime.p7s