Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / September 2005

Tip: Looking for answers? Try searching our database.

lengthTag=109, too big.

Thread view: 
Enable EMail AlertsStart New Thread
Mangalaganesh Balasubramanian - 10 Sep 2005 11:24 GMT
Hi,

I created a certificate using java keytool (JDK 1.4.2 )

No matter which proivder i use (IBMJCE or BouncyCastle to name a
couple)

I keep getting this error.

public X509Certificate getCertificate() {
try {

InputStream inStream = new FileInputStream(SERVER_KEYSTORE);
CertificateFactory cf = CertificateFactory.getInstance("X.509");

X509Certificate cert = (X509Certificate)
cf.generateCertificate(inStream);
inStream.close();
return cert;
}
catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
throw new RuntimeException(e);
}
}

java.security.cert.CertificateException: Unable to initialize,
java.io.IOException: DerInputStream.getLength(): lengthTag=109, too
big.
at com.ibm.security.x509.X509CertImpl.<init>(Unknown Source)
at com.ibm.security.x509.X509CertImpl.<init>(Unknown Source)
at
com.ibm.crypto.provider.X509Factory.engineGenerateCertificate(Unknown
Source)
at java.security.cert.CertificateFactory.generateCertificate(Unknown
Source)
at samples.EncyrptionSamples.getCertificate(EncyrptionSamples.java:113)
at samples.EncyrptionSamples.encrypt(EncyrptionSamples.java:91)
at samples.EncyrptionSamples.main(EncyrptionSamples.java:62)

Appreciate if somebody could point me to what is wrong out here.

Thanks,
manglu
Reply to this Message
Tommy Grändefors - 11 Sep 2005 10:52 GMT
Hi,

What is the 'SERVER_KEYSTORE'? You cannot pass in the whole key store
into the certificate factory. It must be your DER- or base64 encoded
certificate.

If it doesn't help, then please reply with your certificate (base 64
encoded) and I can check it through an ASN.1 viewer.

Regards,
Tommy Grändefors
www.pheox.com

> Hi,
>
[quoted text clipped - 41 lines]
> Thanks,
> manglu
Reply to this Message
Mangalaganesh Balasubramanian - 12 Sep 2005 09:35 GMT
Tommy,

Thanks for you reply.

The Server_Keystore is a jks file.

Instead of passing a keystore if i just pass the certificate (a .cer
file) then it is able to work.

Thanks,
manglu
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.