Java security blocks long certificates
843811May 26 2010 — edited May 27 2010Hi friends! I have a modern certificate FNMT Clas 2, extension pfx. I can't load this certificate in a linux ibm server with java 1.4 but it works in java 1.6 in windows operating system.
In linux i have:
/usr/local/java/bin/keytool -list -keystore /mycerts/andel.cer -storetype pkcs12
Error de keytool: java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
I have tried with java program instead the keytool, and the error it's the same:
java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
at com.ibm.security.util.DerInputStream.getLength(Unknown Source)
at com.ibm.security.util.DerInputStream.getLength(Unknown Source)
at com.ibm.security.util.DerValue.<init>(Unknown Source)
at com.ibm.security.util.DerInputStream.getDerValue(Unknown Source)
at com.ibm.security.pkcsutil.PKCSDerObject.decode(Unknown Source)
at com.ibm.security.pkcs12.AuthenticatedSafe.<init>(Unknown Source)
at com.ibm.security.pkcs12.BasicPFX.verifyMac(Unknown Source)
at com.ibm.security.pkcs12.PFX.verifyMac(Unknown Source)
at com.ibm.crypto.provider.PKCS12KeyStore.engineLoad(Unknown Source)
at java.security.KeyStore.load(KeyStore.java:1173)
at andelest2.FirmadorPdf2.execute(FirmadorPdf2.java:51)
at andelest2.AndInit.<init>(AndInit.java:21)
at andelest2.AndInit.main(AndInit.java:28)
Works in windows + java.16 and not linux ibm java 1.4?? I think it's a security problem. I need that works with linux server 1.4 java, you have any solution?? I need to change java.security or change some jar packages??
Thanks a lot