powered by Jive Software

Supplied key (null) and Illegal key size

Hi,

I’ve gone through the same nightmare everybody is talking about, and kept running into the “Supplied key (null)” error, regardless of what I have tried to do…

Deleted my keystore and got “security/keystore (No such file or directory)” in the error log.

Recreated a “dummy” keystore by putting the startcome certificate in it.

And I am now getting the “Illegal key size” error…

A find on the servers shows me:

./jre/lib/security/US_export_policy.jar
./jre/lib/security/java.policy
./jre/lib/security/javaws.policy
./jre/lib/security/local_policy.jar

So I am assuming that JCE is installed ?

Any suggestions ?

Thanks.

This post doesn’t show up under “Certificates” even though I have tagged it as such. what do I need to do to make it show up there ?

Solved !

Here is what I did:

-Downloaded the “Unlimited Strength Jurisdiction Policy Files” from the SUN website, downloaded the latest version.

-even though I already had the files “local_policy.jar” and “US_export_policy.jar” in openfire/jre/lib/security, that came with the openfire install, those files are not the Unlimited Strength ones, so they need to be replaced with the Unlimited Strength ones.

-IMPORTANT: shutdown openfire (/etc/init.d/openfire stop on UNIX)

-use keytool to remove all the keys in your current keystore:

cd openfire/resources/security/

…/…/jre/bin/keytool -list -keystore keystore

For each key in there:

…/…/jre/bin/keytool -delete -alias blahblahblah -keystore keystore

-restart openfire (/usr/init.d/openfire start)

-use the admin console to paste your key in. Note that you need to copy and paste the entire file, including the -----BEGIN CERTIFICATE----- etc…)

Note: If you don’t stop openfire before you clean up your keystore,your keystore will look clean, but when you add the key, it will be added as example.com_2, and everything that you just deleted will re-appear !