org.mortbay.util.PKCS12Import?

Openfire Openfire Support
1

I finally gave up with my earlier SSL question and just generated a certificate via OpenSSL. I sent my CSR to cacert.org and received my signed certificate. So, now I’‘m trying to figure out now how to import the PKCS12 certificate I have (I converted it from the PEM one) so I can use it with Wildfire. I saw one thread there someone said they’'d done this by using the org.mortbay.util.PKCS12Import class, but I have no idea how to do this. Could anyone help a n00b out? Thank you!

2

Okay, so I’‘ve figured out how to use the PKCS12Import class from org.mortbay.util.PKCS12Import in jetty.jar. So, all good there. Using some other documentation I’'ve found on the Internet, I tried the following command:

java -cp /path/to/jetty.jar org.mortbay.util.PKCS12Import server.pkcs12 server.ks

The file “server.pkcs12” is my signed certificate from CAcert.org, converted to pkcs12 format from the OpenSSL PEM format. “server.ks” is just a filename for the resulting keystore.

Now, when I run that command, I get the following exception:

Exception in thread “main” java.io.IOException: failed to decrypt safe contents entry: java.lang.ArithmeticException: / by zero

at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275 )

at java.security.KeyStore.load(KeyStore.java:1150)

at org.mortbay.util.PKCS12Import.main(PKCS12Import.java:87)

Caused by: java.lang.ArithmeticException: / by zero

at com.sun.crypto.provider.SunJCE_ab.a(DashoA12275)

at com.sun.crypto.provider.SunJCE_ab.a(DashoA12275)

at com.sun.crypto.provider.SunJCE_ab.a(DashoA12275)

at com.sun.crypto.provider.SunJCE_ab.a(DashoA12275)

at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineInit(Das hoA12275)

at javax.crypto.Cipher.a(DashoA12275)

at javax.crypto.Cipher.a(DashoA12275)

at javax.crypto.Cipher.init(DashoA12275)

at javax.crypto.Cipher.init(DashoA12275)

at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1271 )

… 2 more

/code

I don’‘t know much Java at all, and I see what the error is there, but I don’‘t understand what is wrong. So perhaps with this extra information someone can let me know what I’'m doing incorrectly? Thank you!

3

I figured out a different way to get the SSL certificates generated, so, I guess this post isn’'t relevant anymore.