Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Thawte Certificate Request/keytool -printcert

843811Aug 5 2006 — edited Aug 18 2006
Hi all,

I have a new Thawte X.509 certificate that doesn't work with keytool. In 2001 und 2003 I had (now expired) certificates that did work. Here is what I did then:

- I generated self signed certificate with keytool
- I generated certificate signing request with keytool
- Thawte issued X.509 certificate
- I changed the header/footer to:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
- I did -printcert/-import of the certificate

Today, the last position has the following error:
---------------------------------------------------------------
leder@tokyo:~/TMP$ keytool -printcert -v -file leder.cer
Keytool-Fehler: java.lang.Exception: Eingabe konnte nicht analysiert werden.
java.lang.Exception: Eingabe konnte nicht analysiert werden.
at sun.security.tools.KeyTool.doPrintCert(KeyTool.java:1678)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:874)
at sun.security.tools.KeyTool.run(KeyTool.java:171)
at sun.security.tools.KeyTool.main(KeyTool.java:165)
Caused by: java.security.cert.CertificateException: sun.security.pkcs.ParsingException: Sequence tag error
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:419)
at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:427)
at sun.security.tools.KeyTool.doPrintCert(KeyTool.java:1676)
... 3 more
Caused by: sun.security.pkcs.ParsingException: Sequence tag error
at sun.security.pkcs.PKCS7.parse(PKCS7.java:118)
at sun.security.pkcs.PKCS7.<init>(PKCS7.java:68)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:540)
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:417)
... 5 more
Caused by: java.io.IOException: Sequence tag error
at sun.security.util.DerInputStream.getSequence(DerInputStream.java:280)
at sun.security.pkcs.PKCS7.parseNetscapeCertChain(PKCS7.java:176)
at sun.security.pkcs.PKCS7.parse(PKCS7.java:146)
at sun.security.pkcs.PKCS7.parse(PKCS7.java:115)
... 8 more
leder@tokyo:~/TMP$
---------------------------------------------------------------------------------------------------------


Bye
Gerrit Leder
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Sep 15 2006
Added on Aug 5 2006
#cryptography
8 comments
573 views