Hi Nicolas, I have another idea that may be helpful although I didn't test it.
First, try downloading the "Unlimited Strength jurisdiction files" from Sun: http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=22&PartDetailId=7503-jce-1.4.2-oth-JPR&SiteId=JSC&TransactionId=noreg and install it. If that doesn't fix your problem, you may try the Bouncycastle API to create a different keystore, i.e. PKCS#12 (which is compatible with all certificates, as far as I am informed). You can find the Bouncycastle API here: http://www.bouncycastle.org/ Installation Instructions (how to make it your default JAVA security provider) are here: http://www.bouncycastle.org/specifications.html#install Then, if it still doesn't work, try using the keytool GUI. It seems to have gone commercial, but I still have a decentral backup of a GPL'ed version. You can download it from: ftp://ftp.informatik.uni-bremen.de/home/lippold/ktg-17.jar With that it should be possible to examine existing keystores as well as import certificates into new or existing ones. If you want to check the order of your Java security providers, use this small java program: ftp://ftp.informatik.uni-bremen.de/home/lippold/ProviderInformation.java I take it that you are greek, but if you speak german, you can read a paper of mine where we used the bouncycastle api with tomcat and jcetaglib to generate certificates. In the paper the process of installing the bouncycastle api and using the keytool is explained in detail (starting at page 11): http://www.informatik.uni-bremen.de/~lippold/pdf/krypto/javasec.pdf HtH, Georg Massimiliano Pala wrote: > Nicolas Vahlas wrote: > >> I have recently installed OpenCa on a Linux RedHat 9 for testing > > [...] > >> Am I doing something wrong ? Can anybody help me ? >> Thanks in advance. > > > MMMmmm... very very strange. It seems like that java is expecting the > certificate > to be in a PKCS#7 structure, which is not. You can try this: > > $ openssl crl2pkcs7 -certfile $ca_file -nocrl -out $new_file > > and then use the java tool on the "$new_file". Let me know if you have > results... > ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today Register for a JBoss Training Course. Free Certification Exam for All Training Attendees Through End of 2005. For more info visit: http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
