Hello,
I've generated DSA and RSA certificates with openssl-0.9.6 and JDK1.3
can't seem to read them. No matter what I do I get this:
./certTest
Exception in thread "main" java.security.spec.InvalidKeySpecException:
Inappropriate key specification: invalid key format
at
sun.security.provider.DSAKeyFactory.engineGeneratePublic(DSAKeyFactory.java:70)
at java.security.KeyFactory.generatePublic(KeyFactory.java:186)
at com.tfn.autex.analysis.security.CertTest.main(CertTest.java:39)
To generate my DSA key I do:
> openssl dsaparam -inform PEM -outform PEM -rand random-bits -out
dsaparam.out 1024
> openssl gendsa -out ca.key -rand random-bits dsaparam.out
> openssl req -new -x509 -days 3650 -config $CONFIG -key ca.key -out ca.crt
The resulting ca.crt just isn't understood by java.
I can make this work perfectly: just cut all the text that openssl
placed above the "-----BEGIN CER..." line.
Should I be calling different Java libraries? Why can't the default
JDK1.3 java.security.cert.* classes handle the "stuff?" that openssl
places at the beginning of an X.509 certificate?
Thanks.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
