Can you add a -debug option and show me the full output? You can also add a -J-Djava.security.debug=all but I am not sure if the output is useful. --Max
We found it useful but there is a lot of it. We also used it while walking though the code and viewing our own logs. You can see for example that it will silently select a local Sun mechanism if it cannot find one in your P11 token. Mark Joseph P6R, Inc > On Jan 12, 2016, at 9:38 AM, Mark Joseph <m...@p6r.com> wrote: > > Hi, > > We are a PKCS#11 vendor and we are in the process of integrating our C > library with keytool and jarsigner. > > We are executing the following comand line. > > keytool -keystore NONE -storetype PKCS11 -storepass 12345678 -providerName > SunPKCS11-P6Rtoken -providerclass sun.security.pkcs11.SunPKCS11 -providerarg > E:\work\SKC_OPT_2015_2\p6r.cfg -genkeypair -keyalg RSA -keysize 2048 -alias > p6rsignkey -v > > We are doing this on Windows, and we are using the latest Java keytool out of > the JDK. > Our library is 64 bits and the Java version we have installed is 64 bits. > > Now what we are seeing is strange. The above worked one time with the key > pair being generated and stored in our PKCS11 library. > > Then we reset everything and continued to do testing and the result was that > keytool again created a Certificate and a Private key and placed them into > our PKCS11 library. > > However, instead of finishing by creating the key pair by calling our PKCS11 > library it just stopped and returned. There was no error or exception > printed out. > > So we are stuck not knowing what is wrong? Any one seen this before or > have a way we can see why the keytool is "aborting" out of running? > > > > Best, > Mark Joseph > P6R, Inc
