Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

problem with certificate

843810Nov 28 2003 — edited Oct 17 2007
Is this a JDK bug?

Certificate is a MS Certificate Services CA certificate.

C:\Program Files\Java\j2re1.4.2_02\lib\security>..\..\bin\keytool -printcert -v -file ca2k.cer
sun.security.pkcs.ParsingException: X509.ObjectIdentifier() -- data isn't an object ID (tag = 48)
at sun.security.pkcs.PKCS7.parse(Unknown Source)
at sun.security.pkcs.PKCS7.<init>(Unknown Source)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(Unknown Source)
at sun.security.provider.X509Factory.engineGenerateCertificates(Unknown Source)
at java.security.cert.CertificateFactory.generateCertificates(Unknown Source)
at sun.security.tools.KeyTool.doPrintCert(Unknown Source)
at sun.security.tools.KeyTool.doCommands(Unknown Source)
at sun.security.tools.KeyTool.run(Unknown Source)
at sun.security.tools.KeyTool.main(Unknown Source)
Caused by: java.io.IOException: X509.ObjectIdentifier() -- data isn't an object ID (tag = 48)
at sun.security.util.ObjectIdentifier.<init>(Unknown Source)
at sun.security.util.DerInputStream.getOID(Unknown Source)
at sun.security.pkcs.ContentInfo.<init>(Unknown Source)
at sun.security.pkcs.PKCS7.parse(Unknown Source)
... 9 more
keytool error: java.lang.Exception: Failed to parse input


openssl:
openssl x509 -in ca2k.cer -inform DER -text

Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a4:e9:e6:01:3c:01:a1:4b:ff:ec:ed:22:cb:ab:d4
Signature Algorithm: sha1WithRSAEncryption
Issuer: emailAddress=jernej@zaslon.si, C=SI, ST=Siska, L=Ljubljana, O=ZASLON d.o.o., OU=SEB, CN=CA2K
Validity
Not Before: Feb 7 23:34:56 2000 GMT
Not After : Apr 8 15:31:10 2004 GMT
Subject: emailAddress=jernej@zaslon.si, C=SI, ST=Siska, L=Ljubljana, O=ZASLON d.o.o., OU=SEB, CN=CA2K
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (4096 bit)
Modulus (4096 bit):
00:c8:96:b8:36:27:f0:84:ac:68:9a:fc:6a:e5:3f:
b3:28:a5:83:e8:e7:0f:be:0f:13:41:07:7b:56:b4:
72:41:18:32:51:be:47:3f:74:39:ca:22:2f:f5:f7:
a7:39:0b:b4:24:20:41:3a:4a:85:78:2f:bc:8c:d1:
ac:31:1b:92:2c:bd:db:fd:72:d2:c4:77:20:ef:e0:
84:47:11:90:72:cb:37:c7:b8:13:28:05:2c:b3:49:
89:0c:93:f3:34:53:34:4d:2f:75:50:ae:65:0f:15:
06:79:92:81:fc:22:79:d2:f8:92:bb:06:a3:0f:aa:
20:01:cf:82:79:f8:65:19:af:cb:12:47:ce:cd:76:
32:76:b7:87:62:cb:42:c4:bb:8d:5c:47:02:75:9a:
a1:9c:ce:b4:1d:cd:17:a7:31:3f:58:bf:fb:d9:f5:
1a:c2:7e:9f:66:58:75:90:3f:16:b4:b7:81:30:7f:
b3:af:54:53:a7:f7:ab:21:a2:bb:c6:32:5e:2c:ce:
0b:fc:10:45:0c:1e:56:fd:cd:00:50:e5:fd:ad:91:
44:55:08:24:aa:94:85:e4:95:60:01:f5:5e:19:51:
2a:08:e2:91:fd:60:81:09:81:6f:21:7e:c2:e4:ad:
fa:06:6c:de:97:5c:0b:54:95:33:c2:ea:e8:7e:ee:
f4:ac:69:8c:b0:a7:ab:7e:5c:bd:a3:93:77:e6:26:
59:af:2c:26:1b:f7:49:12:af:d5:55:92:5a:25:a9:
fb:a9:64:1c:d7:92:84:35:d5:22:be:54:e3:c4:0f:
f6:d9:df:05:50:67:49:8e:28:c2:0c:44:33:79:36:
fd:34:db:46:24:94:e6:34:c3:29:f0:ed:37:15:58:
3b:d5:a5:5b:e3:d9:aa:33:b0:67:84:2f:7b:8f:1c:
5e:df:3b:97:21:4f:d4:f1:bb:01:c2:ac:b6:09:90:
57:30:85:38:78:66:36:fb:39:99:fa:23:69:59:2b:
fd:b1:52:a7:1a:9f:15:c9:38:5d:e0:fe:43:ec:58:
f5:73:b8:93:05:5a:00:df:53:30:88:59:e5:87:a1:
86:15:83:d8:f4:a5:09:e2:b2:95:35:0a:b0:97:b7:
f7:bf:64:3f:31:36:ce:c0:d4:ec:b8:47:70:e7:1d:
c7:dd:a2:d7:dd:3e:9a:35:ca:d2:4f:80:6f:9e:68:
cc:02:1a:cc:4d:00:ca:64:6a:c7:53:7b:f4:e2:ee:
3c:39:4a:1b:e8:92:37:b9:49:02:76:de:c2:f2:e4:
2d:7e:a8:56:59:0c:b1:b1:50:70:40:88:b8:2b:b3:
45:45:9e:14:bb:fe:b5:a9:8e:2f:be:11:fa:67:5a:
c8:e6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C0:8B:F2:10:EC:5E:F0:F8:6D:E1:EF:0B:1C:D7:B7:7C:BA:BE:F1:CA
X509v3 CRL Distribution Points:
URI:http://ca2k/CertEnroll/CA2K.crl

1.3.6.1.4.1.311.21.1:
...
Signature Algorithm: sha1WithRSAEncryption
7a:e0:1f:92:bb:ef:fe:c1:e7:a8:7e:b2:68:f0:4f:25:6f:13:
7c:7f:10:13:8a:e9:6f:d0:a4:8e:bd:a8:4c:40:d5:9a:9e:b5:
81:ad:66:a0:c7:39:c3:d0:4b:61:47:d5:cd:0a:e3:9f:78:a9:
e8:3e:b7:0d:6a:78:10:75:6a:16:a9:1a:7f:8f:13:80:f4:f5:
ff:8c:dc:28:83:bc:08:e3:d1:14:77:c8:ec:e1:9b:ec:b1:e4:
66:3c:91:31:35:33:79:d2:18:dd:15:84:77:9d:1b:71:9b:e3:
77:1f:88:4f:ee:be:5c:80:c9:08:72:c8:3d:f5:a2:03:12:12:
79:bf:8a:ee:de:2a:46:b5:af:21:35:c8:6c:a3:d5:eb:40:6a:
92:f7:4c:b9:18:af:1a:39:c0:e8:0e:fd:75:6f:93:a8:61:ba:
1f:0a:af:50:5f:d1:ea:55:dd:ab:f4:7a:55:48:03:7d:94:75:
dd:16:f7:f4:72:e1:0d:31:f5:dd:a4:51:3c:9e:d8:94:7a:32:
de:e0:cd:12:94:df:f1:0f:9e:1a:bd:7c:a5:ae:86:0d:da:12:
4c:72:88:5e:f4:ee:ae:1e:21:13:12:25:7b:29:4e:dc:f2:24:
62:e5:8c:35:9b:20:65:27:bd:d6:f9:0a:0a:3a:1c:64:b6:f4:
45:0c:f2:54:c5:2f:14:ee:51:56:71:9e:9b:25:d5:84:c0:42:
4b:2c:15:04:d7:8a:7e:9c:c1:cd:bf:d3:5d:5a:76:2a:e4:7e:
55:4b:12:1b:be:e8:8c:06:ba:b7:27:d1:8b:9c:ca:4f:3b:95:
63:bc:21:ab:de:c9:81:13:63:e7:46:6a:c6:82:1e:09:28:ac:
44:72:41:59:68:45:f0:77:02:c0:56:16:37:c9:aa:dd:54:bc:
a8:18:77:1c:6c:36:b5:ee:2b:7a:ca:ee:f6:d7:49:70:32:44:
5b:1d:05:48:11:d1:90:ca:a9:c2:7b:c3:e0:7b:74:a3:b3:41:
46:a9:04:c0:e3:0e:80:5b:64:d8:46:4c:16:27:0a:ed:f5:79:
f7:14:6f:c9:7c:62:cc:ae:49:c5:62:82:0d:c7:6d:54:73:9d:
36:6a:d8:ea:e2:8e:c8:e8:dd:08:f4:65:4c:b3:36:5f:fa:6c:
4a:94:9f:5c:73:46:9c:35:21:dc:48:e2:5e:2f:b5:d8:74:f1:
1a:3a:c3:6c:b1:dc:29:49:73:31:28:6c:3e:e4:a1:9b:be:54:
29:47:6c:16:9b:87:ce:6d:32:ac:40:2d:62:0b:b3:0f:7c:c5:
cb:c6:78:cd:4b:fe:88:31:e7:9c:75:50:58:75:dc:be:86:40:
a1:70:e4:7d:c8:ba:f7:01
-----BEGIN CERTIFICATE-----
MIIGHzCCBAegAwIBAgIQd6Tp5gE8AaFL/+ztIsur1DANBgkqhkiG9w0BAQUFADCB
hzEfMB0GCSqGSIb3DQEJARYQamVybmVqQHphc2xvbi5zaTELMAkGA1UEBhMCU0kx
DjAMBgNVBAgTBVNpc2thMRIwEAYDVQQHEwlManVibGphbmExFjAUBgNVBAoTDVpB
U0xPTiBkLm8uby4xDDAKBgNVBAsTA1NFQjENMAsGA1UEAxMEQ0EySzAeFw0wMDAy
MDcyMzM0NTZaFw0wNDA0MDgxNTMxMTBaMIGHMR8wHQYJKoZIhvcNAQkBFhBqZXJu
ZWpAemFzbG9uLnNpMQswCQYDVQQGEwJTSTEOMAwGA1UECBMFU2lza2ExEjAQBgNV
BAcTCUxqdWJsamFuYTEWMBQGA1UEChMNWkFTTE9OIGQuby5vLjEMMAoGA1UECxMD
U0VCMQ0wCwYDVQQDEwRDQTJLMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
AgEAyJa4NifwhKxomvxq5T+zKKWD6OcPvg8TQQd7VrRyQRgyUb5HP3Q5yiIv9fen
OQu0JCBBOkqFeC+8jNGsMRuSLL3b/XLSxHcg7+CERxGQcss3x7gTKAUss0mJDJPz
NFM0TS91UK5lDxUGeZKB/CJ50viSuwajD6ogAc+CefhlGa/LEkfOzXYydreHYstC
xLuNXEcCdZqhnM60Hc0XpzE/WL/72fUawn6fZlh1kD8WtLeBMH+zr1RTp/erIaK7
xjJeLM4L/BBFDB5W/c0AUOX9rZFEVQgkqpSF5JVgAfVeGVEqCOKR/WCBCYFvIX7C
5K36Bmzel1wLVJUzwurofu70rGmMsKerfly9o5N35iZZrywmG/dJEq/VVZJaJan7
qWQc15KENdUivlTjxA/22d8FUGdJjijCDEQzeTb9NNtGJJTmNMMp8O03FVg71aVb
49mqM7BnhC97jxxe3zuXIU/U8bsBwqy2CZBXMIU4eGY2+zmZ+iNpWSv9sVKnGp8V
yThd4P5D7Fj1c7iTBVoA31MwiFnlh6GGFYPY9KUJ4rKVNQqwl7f3v2Q/MTbOwNTs
uEdw5x3H3aLX3T6aNcrST4BvnmjMAhrMTQDKZGrHU3v04u48OUob6JI3uUkCdt7C
8uQtfqhWWQyxsVBwQIi4K7NFRZ4Uu/61qY4vvhH6Z1rI5j0CAwEAAaOBhDCBgTAL
BgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUwIvyEOxe8Pht
4e8LHNe3fLq+8cowMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL2NhMmsvQ2VydEVu
cm9sbC9DQTJLLmNybDAQBgkrBgEEAYI3FQEEAwIBAjANBgkqhkiG9w0BAQUFAAOC
AgEAeuAfkrvv/sHnqH6yaPBPJW8TfH8QE4rpb9Ckjr2oTEDVmp61ga1moMc5w9BL
YUfVzQrjn3ip6D63DWp4EHVqFqkaf48TgPT1/4zcKIO8COPRFHfI7OGb7LHkZjyR
MTUzedIY3RWEd50bcZvjdx+IT+6+XIDJCHLIPfWiAxISeb+K7t4qRrWvITXIbKPV
60BqkvdMuRivGjnA6A79dW+TqGG6HwqvUF/R6lXdq/R6VUgDfZR13Rb39HLhDTH1
3aRRPJ7YlHoy3uDNEpTf8Q+eGr18pa6GDdoSTHKIXvTurh4hExIleylO3PIkYuWM
NZsgZSe91vkKCjocZLb0RQzyVMUvFO5RVnGemyXVhMBCSywVBNeKfpzBzb/TXVp2
KuR+VUsSG77ojAa6tyfRi5zKTzuVY7whq97JgRNj50ZqxoIeCSisRHJBWWhF8HcC
wFYWN8mq3VS8qBh3HGw2te4resru9tdJcDJEWx0FSBHRkMqpwnvD4Ht0o7NBRqkE
wOMOgFtk2EZMFicK7fV59xRvyXxizK5JxWKCDcdtVHOdNmrY6uKOyOjdCPRlTLM2
X/psSpSfXHNGnDUh3EjiXi+12HTxGjrDbLHcKUlzMShsPuShm75UKUdsFpuHzm0y
rEAtYguzD3zFy8Z4zUv+iDHnnHVQWHXcvoZAoXDkfci69wE=
-----END CERTIFICATE-----
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Nov 14 2007
Added on Nov 28 2003
#cryptography
10 comments
2,040 views