We are having problems signing a string of text in Java using the .pfx certificate generated under windows. First, we executed the following steps in the order shown below on a Ubuntu Linux 12.0.4 LTS:
1 - Converted the .pfx certificate to java keystore (jks) using the following commands:
openssl pkcs12 -in SupportTest-.pfx -out tempcertfile.crt -nodes
2 - Splited the certificate into two separate files:
2.1 - A file containing the private key (key.pem)
2.2 - Another file containing the rest (cert.pm)
3 - Exported the key certificates in point 2) to a keystore of type PKCS12
openssl pkcs12 -export -in cert.pm -inkey key.pem -out aKeystore.p12 -name akeystore
4 - Convert pkcs12 keystore to a java keystore jks
keytool -importkeystore -srckeystore aKeystore.p12 -srcstoretype PKCS12 -deskeystore akeystore.jks -destoretype jks
5 - Signing text messages with the private key retrieved from the jks ketstore
We used Java 7 to sign the text. We did not encounter any coding issue, and the .initVerify() method in java.security.Signature returned true. The problem is that when the code is signed on Windows using the .Net platform, the signature is different than the one produced by Java. Both applications use the SHA256 with RSA.
Any help would be highly appreciated.