Java exception Server certificates

I wanted to sign the certificates from a CA. Coplete the profile under server certificates and copy the CSR RSA code in my CA website.

After that i copy the code “Common Name: DigiCert SHA2 High Assurance Server CA” and press save.

Ok and after that a copy the second code “Common Name: DigiCert High Assurance EV Root CA” (that was the mistake…) in the second not RSA field.

After that i have the java exception…

Exception: java.security.InvalidKeyException: Supplied key (sun.security.provider.DSAPrivateKey) is not a RSAPrivateKey instance      at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source)      at java.security.Signature$Delegate.engineInitSign(Unknown Source)      at java.security.Signature.initSign(Unknown Source)      at org.bouncycastle.jce.PKCS10CertificationRequest.<init>(Unknown Source)      at org.bouncycastle.jce.PKCS10CertificationRequest.<init>(Unknown Source)      at org.jivesoftware.util.CertificateManager.createSigningRequest(CertificateManager.java:592)      at org.jivesoftware.openfire.admin.ssl_002dcertificates_jsp._jspService(ssl_002dcertificates_jsp.java:551)      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)      at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)      at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:808)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)      at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)      at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)      at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:74)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)      at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:50)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)      at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:78)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)      at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:159)      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)      at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)      at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)      at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)      at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)      at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)      at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)      at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)      at org.eclipse.jetty.server.Server.handle(Server.java:497)      at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)      at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)      at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)      at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)      at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)      at java.lang.Thread.run(Unknown Source)

I tried using the console to delete the certificates.

c:\Program Files (x86)\Openfire\resources\security>keytool -delete -keystore keystore -alias rsa

Enter keystore password:

keytool error: java.lang.Exception: Alias does not exist

c:\Program Files (x86)\Openfire\resources\security>keytool -delete -keystore keystore -alias dsa

Enter keystore password:

keytool error: java.lang.Exception: Alias does not exist

The Website is running but no login in chat is possible.

I can see on the home site behind the Server name the message “Found RSA certificate that is not valid for the server domain.”