Private key file from acs 3.3
Hi All ,
I have my SSL server certficate on my old acs 3.3.along with private key file , How i can export this private file with .pem extension from windows 2000 server , This private key file is not identified under certficate mmc console , Because my acs application is being installed on a separate hardisk partion under D drive .
file path : d:\Certificates\bh02cacsw02.pem
how i can export this.pem from that particular folder , Thank you
Hi,
i see that you have mentioned the path d:\Certificates\bh02cacsw02.pem.
The private key will have an extension of .pvk.
are you aware of the location where private key is stored?? if yes, you can directly copy the private key and export.
I am bit confused of you requirement.. do you want to export the cert with the private key??
You can check the cert in the ACScertStore folder in MMC.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Calibri","sans-serif";}
MMC > Click on File > Add/Remove Snap-in > Add > Certificates > Add > Computer Account > Local Computer > Finish > Close > OK.
Hope this helps.
Regards,
Anisha
P.S.: Please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
Similar Messages
-
I have Weblogic Server Version 6.0. I created Private Key File using Certificate
Request Generator Servlet. It created the the private key file (.der) file &
CSR using which I got the Trial Server Certificate from Verisign. I installed
the certificate (.pem) and configured the server. When I restarted the server
it gives the following EOFException while reading the Private Key File : (I gave
the Private Key password while generating the private key file from the servlet)
<Dec 21, 2001 7:43:08 PM GMT+05:30> <Alert> <WebLogicServer> <Security configura
tion problem with certificate file config/mydomain/TTI-D066-key.der, java.io.EOF
Exception>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:398)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Thanks in advance for any solutions...
Regards,
VenkatesanHi,
please check if you provided the private key password which was used to
create the file in the following property
-Dweblogic.management.pkpassword
on the command line correctly.
In addition, please check "Use Encrypted Keys" to "true" in <server>->SSL
tab from the admin console.
Maria
Developer Relations Engineer
BEA Support
Venkatesan schrieb in Nachricht <3c234536$[email protected]>...
>
I have Weblogic Server Version 6.0. I created Private Key File usingCertificate
Request Generator Servlet. It created the the private key file (.der) file&
CSR using which I got the Trial Server Certificate from Verisign. Iinstalled
the certificate (.pem) and configured the server. When I restarted theserver
it gives the following EOFException while reading the Private Key File : (Igave
the Private Key password while generating the private key file from theservlet)
>
<Dec 21, 2001 7:43:08 PM GMT+05:30> <Alert> <WebLogicServer> <Securityconfigura
tion problem with certificate file config/mydomain/TTI-D066-key.der,java.io.EOF
Exception>
java.io.EOFException
at weblogic.security.Utils.inputByte(Utils.java:133)
at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:398)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Thanks in advance for any solutions...
Regards,
Venkatesan -
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0 SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the same
SSL certificate. By defaul the private key is not encrypted with password
(SSL.KeyEncrypted = false by default, according to the documentations) in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script results the
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key from file
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure password specified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is the same
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
MakotoThanks Tony - it worked!!
"Tony" <TonyV> wrote in message news:[email protected]...
It may be because the private key is both unprotected and in DER format.
There are some things to try:
1) Convert the private key file from a DER file to a PEM file and try
that:
a) Follow the for converting an unprotected private key at:
http://e-docs.bea.com/wls/docs70/adminguide/utils.html#1143743
b) Look at the resulting PEM file, it should look something like
this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
(Be sure there is no extra lines or whitespace after thefooter)
>
c) Change your configuration to point at the PEM file
If that doesn work, then you can try protecting the key with apassword
using
the wlkeytool utility (It should be in the server/bin directory). The
tool should prompt
for a password to use to protect it:
wlkeytool inputkey.pem outputkey.pem
Then change your configuration to use the protected private key, andset
the passwod to use.
Tony
"Makoto Suzuki" <[email protected]> wrote in message
news:[email protected]...
Hello everyone,
I'm trying to upgrade a WLS 6.1 SP2 with WLP 4.0 SP2 instance to WLS 7.0SP2
with WLP 7.0 SP2. Everythng is fine except for that we cannot use the
same
SSL certificate. By defaul the private key is not encrypted withpassword
(SSL.KeyEncrypted = false by default, according to the documentations)in
both WLS 6.1 and WLS 7.0. But running WLS 7.0 startup script resultsthe
following error:
<Sep 17, 2003 5:06:40 PM HST> <Alert> <WebLogicServer> <000297>
<Inconsistent se
curity configuration, java.lang.Exception: Cannot read private key fromfile
C:\
bea7\user_projects\agencyPortal\portal_islandinsurance_com-key.der. Make
sure pa
ssword specified in environment property weblogic.management.pkpassword
is
valid
.>
java.lang.Exception: Cannot read private key from file
C:\bea7\user_projects\age
ncyPortal\portal_islandinsurance_com-key.der. Make sure passwordspecified
in en
vironment property weblogic.management.pkpassword is valid.
at
weblogic.security.service.SSLManager.getServerPrivateKey(SSLManager.j
ava:434)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:153)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:122)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1513)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:852)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:295)
at weblogic.Server.main(Server.java:32)
Is this happening because the private key is actually encrypted with the
password? It was working, although the KeyEncrypted is not set to true
and
the startup script for WLS 6.1 instance did have a line
with -Dweblogic.management.pkpassword. Or could this error be result of
something else? The physical machine the instances are located is thesame
and IP address and the DNS entry hasn't been changed, either.
Any insight will be greatly appreciated. Thanks!
Makoto -
Private key import via ImportPrivateKey
I used the Certificate web app included with WLS 7.0 SP1 to generate my private
key and my CSR. I then used the CSR to request a certificate from my Dept. of
Defense Certificate Authority. I received my certificate. I then tried to use
the WLS ImportPrivateKey utility to import my key with the following steps as
shown in the ImportPrivateKey reference example.
1) I used keytool -printcert to verify the contents of my servercert.pem file
and my CAcert.pem file.
2) I combined the certificate returned for my server with the CA's root certificate
cat servercert.pem CAcert.pem > combined.pem
3) I converted my private key file produced by the Certificate web app to pem
format using the WLS der2pem utility
4) I ran the Import utility
java utils.ImportPrivateKey serverkey.jks store_pwd key_alias key_pwd combined.pem
server_private_key.pem.
I received the following error.
ImportPrivateKey will create serverkey.jks
ImportPrivateKey failed, java.security.KeyManagementException: ASN.1: Unxpected
ASN.1 tag
java.security.KeyManagementException: ASN.1: Unxpected ASN.1 tag
at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentityPartial(Unknown
Source)
at com.certicom.net.ssl.CerticomContextWrapper.inputPrivateKey(Unknown
Source)
at utils.ImportPrivateKey.importKey(ImportPrivateKey.java:76)
at utils.ImportPrivateKey.importKey(ImportPrivateKey.java:44)
at utils.ImportPrivateKey.main(ImportPrivateKey.java:32)
Does anyone have an idea where I went wrong? Can anyone offer an explanation?
Thanks"Mallik" <[email protected]> wrote in message
news:3f3274e9$[email protected]..
>
I am trying to install weblogic generated ssl certificate and because theprivate
key needs to be encrypted with a password, i am loading this in a new JDKkeystore
and trying to configure WL.
I am running utils.CertGen from weblogic 7.0 sp3 on XP.
X:\SSLTest>java utils.CertGen testpassword testcert testkey
Creating Domestic Key Strength - 1024
..... Certificate CommonName will contain Hostname KUNDULA_M-DGS
Encoding
Try this on 8.1 and see if it works. There was a bug fix with respect to "_"
in hostnames. -
SSL CertGen & Private key import errors - 7.0
I am trying to install weblogic generated ssl certificate and because the private
key needs to be encrypted with a password, i am loading this in a new JDK keystore
and trying to configure WL.
I am running utils.CertGen from weblogic 7.0 sp3 on XP.
X:\SSLTest>java utils.CertGen testpassword testcert testkey
Creating Domestic Key Strength - 1024
..... Certificate CommonName will contain Hostname KUNDULA_M-DGS
Encoding
Created Private Key files - testkey.der and testkey.pem
com.rsa.certj.cert.CertificateException: Cannot build Cert Request Info: Unable
to encode X500Name.
at com.rsa.certj.cert.PKCS10CertRequest.getCertRequestInfoDEREncoding(PKCS10CertRequest.java:824)
at com.rsa.certj.cert.PKCS10CertRequest.signCertRequest(PKCS10CertRequest.java:1082)
at utils.CertGen.createCertificateRequest(CertGen.java:312)
at utils.CertGen.processCommand(CertGen.java:185)
at utils.CertGen.main(CertGen.java:170)
com.rsa.certj.cert.CertificateException: Cannot build Cert Request Info: Unable
to encode X500Name.
at com.rsa.certj.cert.PKCS10CertRequest.getCertRequestInfoDEREncoding(PKCS10CertRequest.java:824)
at com.rsa.certj.cert.PKCS10CertRequest.signCertRequest(PKCS10CertRequest.java:1082)
at utils.CertGen.createCertificateRequest(CertGen.java:312)
at utils.CertGen.processCommand(CertGen.java:185)
at utils.CertGen.main(CertGen.java:170)
I went ahead and ran the same CertGen on unix and got the certificate file and
the key file
to my box to check to see if i can install it. I created a new keystore with keytool,
loaded the private key with the alias and the password phrase, made this key store
the default keystore, supplied the management password, changed the files to read
the new cert file and key file.
Attached is the log for the SSL debug.
Do i need to import the private key stored in the JDK for weblogic ? I tried doing
that by running.
X:\>java utils.ImportPrivateKey X:\bea\user_projects\mydomain\mystore.jks mypass
myalias pvtPasswd X:\bea\user_projects\mydomain\localcert.pem X:\bea\user_projects\mydomain\localkey.pem
ImportPrivateKey will use existing X:\bea\user_projects\mydomain\mystore.jks
ImportPrivateKey failed, java.security.KeyManagementException: ASN.1: Unxpected
ASN.1 tag
java.security.KeyManagementException: ASN.1: Unxpected ASN.1 tag
at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentityPartial(Unknown
Source)
at com.certicom.net.ssl.CerticomContextWrapper.inputPrivateKey(Unknown
Source)
at utils.ImportPrivateKey.importKey(ImportPrivateKey.java:76)
at utils.ImportPrivateKey.importKey(ImportPrivateKey.java:44)
at utils.ImportPrivateKey.main(ImportPrivateKey.java:32)
X:\>
Attached log is SSL debug enabled and it cant see the private key.
Any help is appreciated.
thanks,
mallik
[ssldebuglog.txt]"Mallik" <[email protected]> wrote in message
news:3f3274e9$[email protected]..
>
I am trying to install weblogic generated ssl certificate and because theprivate
key needs to be encrypted with a password, i am loading this in a new JDKkeystore
and trying to configure WL.
I am running utils.CertGen from weblogic 7.0 sp3 on XP.
X:\SSLTest>java utils.CertGen testpassword testcert testkey
Creating Domestic Key Strength - 1024
..... Certificate CommonName will contain Hostname KUNDULA_M-DGS
Encoding
Try this on 8.1 and see if it works. There was a bug fix with respect to "_"
in hostnames. -
WBL 7.0 and SSL private key problem
Having generated certificate request, and associated private key, I obtained
the corresponding server level certificate. I am having problems starting the
server with the cert. I have configured my server appropriately, here is the SSL
configuration from the domain config.xml
<SSL Enabled="true" HostnameVerificationIgnored="true"
ListenPort="8090" Name="SampleServer"
ServerCertificateChainFileName="nasaca.pem"
ServerCertificateFileName="mydomain-cert.pem"
ServerKeyFileName="mydomain-key.pem"/>
and I am using -Dweblogic.management.pkpassword=mypassword
in the startup script, however I get :
java.lang.Exception: Cannot read private key from file /usr/user_projects/Sample/mydomain-key.pem.
Make sure password specified in environment property weblogic.management.pkpassword
is valid.
I have given the right password. So the question is why am I seeing the error
I am running this server on Sun Solaris. The password contains the usual ascii
characters, including shell special characters.
Any way checking the private key file ?
Also as we have seen problems with the particular certificate we get from the
CA, I wanted to use "utils.ValidateCertChain", alas this documented utility is
conveniently missing from weblogic.jar. Oh big blue, why didn't we go with you
Seriously, please help
TarangDarkit,
I have the same problem. Let me know if you find a solution to this problem.
Thanks,
Bharathi -
How to use the RSA key files generated by Crypto++ in java
Hi - Good day to all :)
I have two RSA key files(private key file and public key file) generated by Crypto++ 5.2.1:
code here:
void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed)
RandomPool randPool;
randPool.Put((byte *)seed, strlen(seed));
RSAES_OAEP_SHA_Decryptor priv(randPool, keyLength);
HexEncoder privFile(new FileSink(privFilename));
priv.DEREncode(privFile);
privFile.MessageEnd();
RSAES_OAEP_SHA_Encryptor pub(priv);
HexEncoder pubFile(new FileSink(pubFilename));
pub.DEREncode(pubFile);
pubFile.MessageEnd();
}generated private key is:
30820273020100300D06092A864886F70D01010105000482025D3082025902010002818100E19891D888651221AF315B369873F01910D097F554723EE8748FA230F2B954EBEFC57CB402DD03333BA9514AB5256EF92BE714C710D166A1D86CB7A11EFB4499506826AB873F5036B92F07BBB3ABB8F562646DE6E11031C46542633605FDE4A31E0E0A8651B4BC7743C18266D664E59E713D7595ED3D3B6C2F94C6072E276171020111028180425A0CC7372CC918F74AC07978221970C8B5D25736F46CDAF51B2FB40B27735473B28E16D3AA6A5A5CD7724326382FB2B28F4258AA97F1026CD4AE7AAEC25F77D54DF69BB3979E2893EBB071DA5752871BC8C60F9B5546C466F3103884D6B67FADCD51B17899991989507CB16F45DD76EC0DEDA1BD979ED1A101179F9687E9E5024100FFCAAEF814F12DCBDF20D4CFDD5007738DAAE45AE7EC2FD8E23A9EFCA85FADCAF61B03BFEA6FE6023E78700F804C4C275375A85BC367FE39D5FB2E0F0A4555F7024100E1C797A20FB108ADAFECDB025665FF500FDBB4F0829BAAE95833C046005DCA593F6C2437CD3A9AB7CC04372F422B0EE2C7FED87AA53821366962AE0CBDAD89D702402D23C48621D035421851167F08F00150A08791B5B074F96282469486F0895AE794D7973FFC31DD4BB0ABD78A43D13A9D8732E1799AF43BEC16B3DAF3986696B30240351FE7716D1A98A156921569F6361DF4B86FEE56B551CDDC8D395A6AD2E8E4513C1971EF031CD91C3000FDED00829A173E1DD895540D34FDBE71925D59CE7AC9024014A4347A1E7408FBB0A9AE5064FA58CAF2BCA5C00B8082A46EECABFA5CBF61364FEE81E2C049F399A2F601C802DD54A6D9340FABE62D6D1F913026C8B3764AFEI use this key in java
BufferedInputStream input=new BufferedInputStream(new FileInputStream("privateKey"));
int size= input.available();
byte[]buffer=new byte[size];
input.read(buffer);
X509EncodedKeySpec lX509EncodedKeySpec = new X509EncodedKeySpec(buffer);
PrivateKey lPrivateKey = KeyFactory.getInstance("RSA").generatePrivate(lX509EncodedKeySpec);there is a exception,at generatePrivate() method
at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:294)
at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:171)
at java.security.KeyFactory.generatePrivate(KeyFactory.java:322)
at test.Main.main(Main.java:27)any body can help me?X509 is for public keys, not private keys. You need PKCS8 using PKCS8EncodedKeySpec on the hex decoded private key string.
Your method for reading the private key from the file is flawed. The method available() does not guarantee to give you the file length. This is easy to prove since files can be longer than Integer.MAX_VALUE and available() returns an 'int'. To get the file length use File.length() which returns a 'long'. Also, reading from an InputStream using
input.read(buffer); does not guarantee to read all the bytes. For that you need to use something like DataInputStream.readFully(). -
Installing Domain Controller certificates remotely - private key remains on local server!
Using a 3rd party CA (Entrust), I have successfully requested and installed Domain Controller certificates via the Certificates MMC snap-in.
I did this from one Domain Controller, and then just used the (right click) "Connect to another computer" option to do the rest. Everything looks absolutely fine, the certificates look ok.... certificate chain is complete, and valid (all
CA certs are installed) and the certificates say "You have the private key that corresponds to this certificate".
If I do a LDAPS bind using LDP.exe, it works fine on the first DC.
Do this on the next and I get the error:
Cannot open connection
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to DCHostname.
After some checking I looked in the folder C:\ProgramData\Microsoft\Crypto\Keys
This contains a lot of files on the DC I was logged onto when installing the certs, and no files on any of the other DCs. I am guessing this is the private key file and it has stored all of them on the local machine I was running MMC from rather than
on the machines I connected to from MMC.
Is there any way to get these keys onto the correct DCs now - or will I have to re-request all of the others. The private key was not exportable.
I figured copying and pasting them was probably not going to work with a private key, but I tried it anyway just to be sure!
It is pretty annoying as no clue was given during the process of requesting and installing the certificates, and there is no error when you look at the certificate - they all think they have the private key associated to them, even though it rather looks
like they don't!
It's a bit painful requesting certificates here, so any help in avoiding this would be appreciated! Thank youThank you Elke,
So I copied the key files across from the server where they were all generated to the server I remotely connected to (which had no key files at all). Copied all just to be sure, though I’m
pretty sure which one actually relates to that server as I did them all in order - reflected by the time stamps.
Ensured all the permissions were the same, and that they were marked as ‘system’ files.
Ran the command
certutil -repairstore my [SerialNumber of cert]as
you suggested, but no luck unfortunately.
So firstly, I get the same error message:
Cannot find the certificate and private key for decryption.
CertUtil: -repairstore command FAILED: 0x80090010 (-2146893808)
And then I get:
CertUtil: Access denied.
Not sure why the access denied, I am running elevated with full local and domain administration rights.
Toby -
I used the certificate app to create a Private Key file (in .der format)
and a .pem request.
But when I specify it in the SSL section and reatsrt the server I get an
error message:
Any Ideas ?
Also When I double click the .der file even Windows says its an "Invalid
Security Certificate File"
WLS 6.1 SP3
Also I think the error is deceiving since the file is present in the
directory referred by WLS
Thanks in advance
N Rao
<Oct 9, 2002 11:31:57 AM CDT> <Notice> <WebLogicServer> <Starting WebLogic
Admin
Server "myserver" for domain "mydomain">
<Oct 9, 2002 11:31:57 AM CDT> <Alert> <WebLogicServer> <Security
configuration p
roblem with certificate file
C:/bea/wlserver6.1/config/mydomain/MY-WKS-key.der
, java.lang.Exception: Required file
C:/bea/wlserver6.1/config/mydomain/MY-WKS
-key.der which is specified by ServerKeyFileName, was not found>
java.lang.Exception: Required file
C:/bea/wlserver6.1/config/mydomain/MY-WKS-k
ey.der which is specified by ServerKeyFileName, was not found
at
weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
enThread.java:154)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:386)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1097)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:490)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:206)
at weblogic.Server.main(Server.java:35)
<Oct 9, 2002 11:32:08 AM CDT> <Notice> <Management> <Application Poller not
star
ted for production server.>
<Oct 9, 2002 11:32:57 AM CDT> <Notice> <WebLogicServer> <ListenThread
listeningI got the problem.
I simply created a new request thru the 'certificate' app and got a new
trial id and it worked !
Regards,
"Naggi" <[email protected]> wrote in message
news:[email protected]...
Also , password for PKCS-8 encryption was left blank in the certificateapp
>
>
>
I was very interested to see your advertisement for a Senior Software
Engineer. I have been seeking just such an opportunity as
this, and I think my background and your requirements may be a good match.
My resume is enclosed for your review.
Thank you for your attention to these materials. I certainly look forwardto
exploring this further.
Yours truly,
Nagraj C Rao
"Naggi" <[email protected]> wrote in message
news:[email protected]...
I used the certificate app to create a Private Key file (in .der format)
and a .pem request.
But when I specify it in the SSL section and reatsrt the server I get an
error message:
Any Ideas ?
Also When I double click the .der file even Windows says its an "Invalid
Security Certificate File"
WLS 6.1 SP3
Also I think the error is deceiving since the file is present in the
directory referred by WLS
Thanks in advance
N Rao
<Oct 9, 2002 11:31:57 AM CDT> <Notice> <WebLogicServer> <Starting
WebLogic
Admin
Server "myserver" for domain "mydomain">
<Oct 9, 2002 11:31:57 AM CDT> <Alert> <WebLogicServer> <Security
configuration p
roblem with certificate file
C:/bea/wlserver6.1/config/mydomain/MY-WKS-key.der
, java.lang.Exception: Required file
C:/bea/wlserver6.1/config/mydomain/MY-WKS
-key.der which is specified by ServerKeyFileName, was not found>
java.lang.Exception: Required file
C:/bea/wlserver6.1/config/mydomain/MY-WKS-k
ey.der which is specified by ServerKeyFileName, was not found
at
weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
enThread.java:154)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:386)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1097)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:490)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:206)
at weblogic.Server.main(Server.java:35)
<Oct 9, 2002 11:32:08 AM CDT> <Notice> <Management> <Application Pollernot
star
ted for production server.>
<Oct 9, 2002 11:32:57 AM CDT> <Notice> <WebLogicServer> <ListenThread
listening -
How to enter a Private key into a keystore
Hi,
We have a propriteary CA, developed by us. I need to use this CA for my Signed Applet. I would enter this CA's public key(a X509 certificate) into my cacerts file.
Following is what I have done :
1) I have generated my own keystore, public and private key for signing the applet.
2) Signed the applet with the private key in the keystore.
To Do :
Now, the self generated public key(with which applet was signed) has to be signed by the properitary CA, so that when applet is downloaded my certificate is authenticated by the proprietary CA.
The problem is :
1) To get my public key certificate authenticated by the proprietary CA, I need the private key of proprietary CA.(so that I shall sign my public key file by the CA's private key) . The CA could give the private key as a byte array file. ( Or we could write a program to format the private key file, if any format exists and required). jarsigner requires keystore to sign. How could I create a keystore and enter my private key and public key into this keystore?
2) Is there any other way to do this?
Please help to resolve this problem.
RajeshCheck this:
<A HREF="http://java.sun.com/j2se/1.4/docs/guide/pugin/developer_guide/rsa_signing.html -
dear all
I want to create rsa private key from .key file. I searched a lot but could not find a way to do so. how can i do that ???'pem' stands for Privacy Enhanced Mail and defines an encoding to ASCII of binary data and not the format of the content of the file. Having said that, it looks to me that your file is a PEM encoded SSLeay format RSA key generated using OpenSSL and encrypted using the '-des3' option. Before loading into Java I normally convert, using OpenSSL, SSLeay files to a PKCS8 format private key and an X509 format public key certificate file. These are then easily loaded into Java.
The OpenSSL documentation will tell you how to generate the PKCS8 and X509 files but there are numerous sites that will hand-hold you through the commands. Google is your friend. Once you have generated these files then Google will also provide source code for loading them into Java. -
Private key from 5.1 to 7.0
Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. The private
key generated by WLS 5.1 does not use any password, and can therefore not be
used with 7.0
Do I have to generate a new private key and order a new SSL certificate, or
is there a way I can assign a password to my existing private key so I can
continue using this ??
Thanx in advance !!!
Jan Espen HansenThanks a lot Tony !!!!! This solved my problem.
JEH
"Tony" <TonyV> wrote in message news:[email protected]..
Incorrect PEM headers/footers can confuse the tool.
Double check that the header and footer for your PEM file match thecontents
of the
data in the file.
If it was an unprotected RSA private key, the header and footer shouldlook
like
this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
It should not say it is a certificate (which is the default for theder2pem
utility), and it
should not say it is an encrypted private key.
Tony
"a" <[email protected]> wrote in message news:3f9f7705$[email protected]..
Hi, and thank you for your answer. I've tried the tool you mention, but
I
get the following error message:
"Error parsing BER private key data 3000"
Since my private key is in .der format I have first run the weblogicutil
utils.der2pem on it, but I still get this error message.
Any ideas ??
JEH
"Tony" <TonyV> wrote in message news:[email protected]..
You should not have to generate a new key.
There is a native tool that is supplied on the WLS kit that can
protect
an
unprotected private key for you:
wlkeytool inputkey.pem outputkey.pem
It will prompt for passwords, I believe that will do what you want.
Tools such as OpenSSL should also be able to protect the private key.
Tony
"Janne K" <[email protected]> wrote in message
news:[email protected]..
Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. Theprivate
key generated by WLS 5.1 does not use any password, and can
therefore
not
be
used with 7.0
Do I have to generate a new private key and order a new SSL
certificate,
or
is there a way I can assign a password to my existing private key so
I
can
continue using this ??
Thanx in advance !!!
Jan Espen Hansen -
Hi there,
I am looking for step by step instrcutions on how to configure SFTP Codeplex adapter for both receive and send ports.
Out business partner with whom we push/poll the files from wants us to use SSH encryption/decryption etc.
Just wondering if the following functionality is supported in Codeplex SFTP adatper without having to write any code.
Appreciate if there is manaul to do this for SFTP. BTW I do have all the our public and private keys and business partners Public key for configuring.
For Send port: 1. we would need to encrypt the file with our business partners public key
2. sign the file with our private key.
3. Send the file through to SSH client which eventually transfers to Remote server.
Receive port: 1. Connect to SSH Server with SSH-2 key and receive the file
2. Verify the file's digital signature agaisnt the Business partners PGP public key
3. Decrypt the file using our PGP Public key
Thanks in advanceYes it is supported.
You can find its documentation in this link
You can find section X.509 Certificate Identity Keys
You can set public and private key in property SSH Identity thumbprint of send and receive port
I prefer to test it using client tool like
FileZilla or WinSCP then test it using sftp adapter
When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer -
BizTalk Server 2013 SFTP Adapter with private key - Did not poll any files
Hello,
We have a requirement to connect SFTP secure site with the private key and polling files. Initially I have
tested BizTalk Server 2013 SFTP Adapter receiver Port using Bitvise SSH SFTP Server tool and it was working perfectly in our local network environment( with public private key authentication).
However when we connected to Client SFTP server with private key authentication, It successfully connected to SFTP Server but
did not poll any files from SFTP Site. I added only one file to SFTP Server ( 145 kb file) for testing purpose.
However BizTalk Server 2013 SFTP Send Adapter is working well with the same configuration.
I could not find any errors in Event viewer also. I can download\upload file using WinSCP tool .
So I downloaded nSoftware SFTP Adapter trial version and deployed on server. nSoftware SFTP adapter is also working find
without any issues for Client SFTP Site.
This is the configuration on SFTP Receive Adapter
This is how SFTP Server download folder permission configured. I have got this details using WinSCP tool.
<o:p></o:p>
Appreciate your help on this.<o:p></o:p>
Thanks<o:p></o:p>
PrabathD<o:p></o:p>BizTalk Adapter for SFTP is where the polling logic is implemented. It is not part of the SFTP Client logic. any SFTP Client is for User Interaction and you do what you want/when you want.
The BizTalk Receive however is for purposes of automation and the adapter polls the receive location using the credentials every polling interval to check for the files matching the filter. When it find a file, it will read and publish to message box or
submit to pipeline for processing. Your setting the polling interval to 0 (ZERO) might actually be disabling the polling.
Set your poll interval to a non-zero value and check the behavior.
Regards. -
SFTP adapter(file path for private key)
Guys,
Can anyone help me in uderstand usage of file path for private key in SFTP adpter, who would provide this key file.
When this file is kept on Transaction AL11 is this format specifc? only .ppk files should be kept.
Should i ask my FTP vendor for this key file ? is it script or something like that . everytime my file is picked up from my mentioned directory what does this private key option searched for?
Appreciate your thoughts in this..
Regards
ChaithanyaHey,
SFTP is not supported by XI / PI , Supports FTPS - FTP with SSL.
Check this Links,
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51?overridelayout=true
http://help.sap.com/saphelp_nw04/helpdata/en/e3/94007075cae04f930cc4c034e411e1/frameset.htm
Cheers
Agasthuri
Maybe you are looking for
-
Birthday calendar bizarre repetitions and other issues
I have the STRANGEST things happening with birthdays on both my iPhone (5, 32GB, white, iOS 6) and iPad (32GB, iOS 6, white). I'm posting it here in the iPhone forum, assuming more people may be able to help. First of all, I sync a Google Apps calend
-
How do I enable a track to record in Premiere Pro CS4?
I'm on a macbook. I have a SM57 mic plugged in via an XLR to USB cable. I have tested this mic via garage band, and it works and records fine. In Premiere Pro preferences I have chosen C-media USB Audio Device. In mac's Audio MIDI setup, I have chose
-
Import data from Oracle table into flat file
How to import the data in the oracle table into flat file using UTL File of PL/SQL.... I am new in PL/SQL.. can someone help me in writing query?
-
After a long period of silence from Unsanity it is not clear whether there will be a Leopard compatible version of APE/Fruitmenu. Does anyone know of a suitable replacement that reproduces the old Apple menu? Or has anyone seen an applic that dynamic
-
In 11i, can you develop model specifications by item? It appears whatever model you select gets imposed on every SKU and customer. What if you want to adjust the model specification by SKU or a group of skus?