Private key problem

Similar Messages

• WBL 7.0 and SSL private key problem

  Having generated certificate request, and associated private key, I obtained
  the corresponding server level certificate. I am having problems starting the
  server with the cert. I have configured my server appropriately, here is the SSL
  configuration from the domain config.xml
  <SSL Enabled="true" HostnameVerificationIgnored="true"
  ListenPort="8090" Name="SampleServer"
  ServerCertificateChainFileName="nasaca.pem"
  ServerCertificateFileName="mydomain-cert.pem"
  ServerKeyFileName="mydomain-key.pem"/>
  and I am using -Dweblogic.management.pkpassword=mypassword
  in the startup script, however I get :
  java.lang.Exception: Cannot read private key from file /usr/user_projects/Sample/mydomain-key.pem.
  Make sure password specified in environment property weblogic.management.pkpassword
  is valid.
  I have given the right password. So the question is why am I seeing the error
  I am running this server on Sun Solaris. The password contains the usual ascii
  characters, including shell special characters.
  Any way checking the private key file ?
  Also as we have seen problems with the particular certificate we get from the
  CA, I wanted to use "utils.ValidateCertChain", alas this documented utility is
  conveniently missing from weblogic.jar. Oh big blue, why didn't we go with you
  Seriously, please help
  Tarang

  Darkit,
  I have the same problem. Let me know if you find a solution to this problem.
  Thanks,
  Bharathi

• Private Key File problem

  I have Weblogic Server Version 6.0. I created Private Key File using Certificate
  Request Generator Servlet. It created the the private key file (.der) file &
  CSR using which I got the Trial Server Certificate from Verisign. I installed
  the certificate (.pem) and configured the server. When I restarted the server
  it gives the following EOFException while reading the Private Key File : (I gave
  the Private Key password while generating the private key file from the servlet)
  <Dec 21, 2001 7:43:08 PM GMT+05:30> <Alert> <WebLogicServer> <Security configura
  tion problem with certificate file config/mydomain/TTI-D066-key.der, java.io.EOF
  Exception>
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:133)
  at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:398)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
  at weblogic.Server.main(Server.java:35)
  Thanks in advance for any solutions...
  Regards,
  Venkatesan

  Hi,
  please check if you provided the private key password which was used to
  create the file in the following property
  -Dweblogic.management.pkpassword
  on the command line correctly.
  In addition, please check "Use Encrypted Keys" to "true" in <server>->SSL
  tab from the admin console.
  Maria
  Developer Relations Engineer
  BEA Support
  Venkatesan schrieb in Nachricht <3c234536$[email protected]>...
  >
  I have Weblogic Server Version 6.0. I created Private Key File usingCertificate
  Request Generator Servlet. It created the the private key file (.der) file&
  CSR using which I got the Trial Server Certificate from Verisign. Iinstalled
  the certificate (.pem) and configured the server. When I restarted theserver
  it gives the following EOFException while reading the Private Key File : (Igave
  the Private Key password while generating the private key file from theservlet)
  >
  <Dec 21, 2001 7:43:08 PM GMT+05:30> <Alert> <WebLogicServer> <Securityconfigura
  tion problem with certificate file config/mydomain/TTI-D066-key.der,java.io.EOF
  Exception>
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:133)
  at weblogic.security.ASN1.ASN1Header.inputTag(ASN1Header.java:125)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
  atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:398)
  atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
  at weblogic.Server.main(Server.java:35)
  Thanks in advance for any solutions...
  Regards,
  Venkatesan

• Problems with the private key at email signing

  Error when running the app: org.bouncycastle.cms.CMSStreamException: Inappropriate key for signature.
  I'm trying to sign an email with a smart card using Java, mime type multipart / signed, when I do a debug the code without saving the
  message or without sending, there is no error or warning, or exception. But when I save or send the message out, I'm getting errors,
  inappropriate key .
  When I save the message:
  body.writeTo(new FileOutputStream("signed.message"));
  Whe I send the message:
  Transport.send(body);
  The error:
  Exception in thread "main" org.bouncycastle.cms.CMSStreamException: key inappropriate for signature.
  at org.bouncycastle.cms.CMSSignedDataStreamGenerator$CmsSignedDataOutputStream.close(Unknown Source)
  at org.bouncycastle.mail.smime.SMIMESignedGenerator$ContentSigner.write(Unknown Source)
  at org.bouncycastle.mail.smime.handlers.PKCS7ContentHandler.writeTo(Unknown Source)
  at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:869)
  at javax.activation.DataHandler.writeTo(DataHandler.java:302)
  at javax.mail.internet.MimeBodyPart.writeTo(MimeBodyPart.java:1383)
  at javax.mail.internet.MimeBodyPart.writeTo(MimeBodyPart.java:852)
  at org.bouncycastle.mail.smime.handlers.multipart_signed.outputBodyPart(Unknown Source)
  at org.bouncycastle.mail.smime.handlers.multipart_signed.outputBodyPart(Unknown Source)
  at org.bouncycastle.mail.smime.handlers.multipart_signed.writeTo(Unknown Source)
  at javax.activation.ObjectDataContentHandler.writeTo(DataHandler.java:869)
  at javax.activation.DataHandler.writeTo(DataHandler.java:302)
  at javax.mail.internet.MimeBodyPart.writeTo(MimeBodyPart.java:1383)
  at javax.mail.internet.MimeMessage.writeTo(MimeMessage.java:1743)
  at javax.mail.internet.MimeMessage.writeTo(MimeMessage.java:1719)
  at javaemail.SignedMultipartEmailTest.main(SignedMultipartEmailTest.java:537)
  Caused by: java.security.InvalidKeyException: Supplied key (sun.security.mscapi.RSAPrivateKey) is not a RSAPrivateKey instance
  at org.bouncycastle.jce.provider.JDKDigestSignature.engineInitSign(Unknown Source)
  at java.security.SignatureSpi.engineInitSign(SignatureSpi.java:86)
  at java.security.Signature$Delegate.engineInitSign(Signature.java:1104)
  at java.security.Signature.initSign(Signature.java:498)
  at org.bouncycastle.cms.CMSSignedDataStreamGenerator$SignerInf.toSignerInfo(Unknown Source)
  ... 16 more
  Java Result: 1
  BUILD SUCCESSFUL
  In the code:
  PrivateKey key = (PrivateKey)keyStore.getKey(aliasNm, null);
  gen.addSigner(key, signCert, SMIMESignedGenerator.DIGEST_SHA1, new AttributeTable(signedAttrs), null);
  where key is the private key of the alias from signature certificate at smart card of type RSAPrivateKey type, according to the debugger
  but according to the javadoc returns Type Key but is forced to type PrivateKey which extends to the other.
  This line is like a example which I'm using, is a bouncy castle example, but with generated certificates, I changed to use certificates
  from smarct card.
  signCert is the certificate associated with key , certificate of SIGNATURE from smartcard.
  At the debugger:
  In the method keyStore.getKey() I'm using null instead of char[] password because is using the windows certificate store which store the
  certificates at the smart card and is getting the PIN with PIN dialogue, and is loading the keystore perfectly and I'm getting the
  certificates from smart card.
  I tried to use:
  PrivateKey key = (PrivateKey)keyStore.getKey(aliasNm, PIN_FROM_SMARTCARD);
  And I'm getting the same value when I use null.
  The value at the debugger is:
  (java.security.PrivateKey) (sun.security.mscapi.RSAPrivateKey) RSAPrivateKey [size=2048 bits, type=Signature,
  container=hexadecimal_number](the same hexadecimal number in both cases)
  Obviously we can see in the error:
  Caused by: java.security.InvalidKeyException: Supplied key (sun.security.mscapi.RSAPrivateKey) is not a RSAPrivateKey instance
  And we can see too:
  RSAPrivateKey de 2048 bits
  at the debugger, in the key value.
  I can't understand why I'm getting the error only when the message is saved, or sended.
  If the key was inappropriate I would receive an error, or an exception when I'm not sending or saving the message.
  These are one, of the last lines of the code that I'm hidding with //
  When I save the message:
  //body.writeTo(new FileOutputStream("signed.message"));
  Whe I send the message:
  //Transport.send(body);
  If I uncomment one of these lines, I'm receiving the errors, previously written above
  Any suggestion?
  Than you
  Regards

  Try to reset the device by pressing hold of the home and power button for 15-20 seconds and letting of when the Apple logo appears.

• Reading private key: works in jdk 1.5, but throws exception in 1.4

  Hello,
  I am trying to read an RSA private key from a file. I am using the following code snippet:
  KeySpec spec = new RSAPrivateKeySpec(modulus, pExp);
  KeyFactory factory = KeyFactory.getInstance("RSA");
  PrivateKey key = factory.generatePrivate(spec);
  This runs perfectly fine under jdk 1.5 on keys I generate with OpenSSL. However, if I recompile and run under jdk 1.4, I get the following exception:
  java.security.spec.InvalidKeySpecException: Unknown key spec.
       at com.sun.net.ssl.internal.ssl.JS_KeyFactory.engineGeneratePrivate(DashoA6275)
       at com.sun.net.ssl.internal.ssl.JSA_RSAKeyFactory.engineGeneratePrivate(DashoA6275)
       at java.security.KeyFactory.generatePrivate(KeyFactory.java:237)
  I have also tried using RSAPrivateCrtKeySpec but I get the same error. Can anyone shed some light on what is going on?
  Thank you.

  'Unlimited Strength Jurisdiction Policy Files 1.4' Could be the solution.
  I had a similar problem with java 1.4 and those files do the work.
  ... finally the problem was that the password that protectd the keystore had 7 characters, using one of 5 characters works ok...

• Exporting SSL Private Key

  In the midst of an apocalyptic SSL install in 10.4 server. Currently, I am trying to install a wildcard cert via Server Admin, which may have been a mistake. After smashing my head for a week, I tried a new tack and rebuilt the system keychain and attempted to install the certificate; this failed at the level of Server Admin. However, in Keychain Access I am showing the SSL cert, public and private keys, and the CA's cert, all valid.
  Since I know of no other way to do get KA talking to SA so that I can actually use this certificate, I am trying to export the valid certs and keys to import. My problem is this, the certs and public key export fine, the private key fails returning an error of Unable to Export CLINTERNALERROR. I double checked that root is enabled in netinfo. Any ideas on how to rectify this?

  I believe you have to run Keychain Access as root to export the private key.
  sudo /Applications/Utilities/Keychain Access.app/Contents/MacOS/Keychain Access

• Reconver SSL private key?

  I have a bit of a dilemma since I tried to install an SSL certificate on my server that needs intermediate certs. Here's what I did:
  1) In Server Admin, create a new key for my domain and use that key to create a CSR to send to a certificate authority. (This creates a public key, a private key and a self-signed certificate in the system keychain on the server).
  2) Sent the CSR away and got the signed certificate back.
  3) Used Server Admin to add the signed certificate to the existing domain cert (this replaces the self-signed cert). Restart services etc.
  Here's the problem: the cert that I have needs intermediate certs installed in order to be functional- currently the certificate shows as an untrusted authority. If I delete the current certificate in Server Admin to start again from scratch, it will delete the private key that I need to reinstall. I downloaded the intermediate certificates from the CA's website, but now the certificate installed on the server can't be modified. Besides, there is no place to enter the intermediate certificates. My plan was to try to paste all the certs into the box where it asks for the new certificate, but no joy since it is now locked.
  I would like to create a new certificate (there is a place in there to install intermediate certs), but I'll need to get my private key out of Keychain Access into a pem formatted file but I can't seem to get the thing to export.
  Questions:
  1) Is there a way to export a private key from Keychain Access so that it can be used for server admin?
  2) Is there a way to get at this from the command line?
  3) Is there some other procedure that can magically fix this problem?
  Thanks,
  Miles

  Thanks,
  This is the part that I was looking for:
  Launch Keychain Access as root:
  sudo /Applications/Utilities/Keychain\ Access.app/Contents/MacOS/Keychain\ Access &
  I then went here http://www.gridsite.org/wiki/Convert_p12 and converted the p12 to pem so I could use it in server admin.
  Thanks again,
  Miles

• NAC and SSL - fails to import password protected private key

  I am attempting to import an SSL certificate on my CCA Manager and Server. I purchased a wild card SSL cert *.domain.com. The private key used to generate the certificate was created on an Cisco ACS 3.2 server and has a password. When attempting to import the private key into the CCA Manager the browser times out and no error is reported.
  My guess is that it is waiting for the password to allow access to the private key. Unfortunately there is no place on the form and no pop-up to enter the password.
  Is there a command line option for importing a private key that may work for me?
  Thanks
  Sherm

  The best Possible way is to generate a CSR from the CCA server and then purchase a certificate using that CSR. Then you dont have problems with private keys.
  Regards
  sathappan

• Private key

  Hello people,
  i'm creating a program that needs to generate private keys,
  i've found out that java has built in libraries that support this so i've tried:
                  KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
                  keyGen.initialize(1024);
                  KeyPair keypair = keyGen.genKeyPair();
                  PrivateKey privateKey = keypair.getPrivate();
                  PublicKey publicKey = keypair.getPublic();but after i set the privateKey i can't find a way to retrieve the actual numbers used in the private key (probably to prevent attacks...)
  eventually, all my app really needs, is a table of , lets say, 100 private keys (each one as 2 big primes)
  is it possible for me to use the java.security to do that?
  thanks for your time.

  i still need small ones in the begining. a modolus in
  the size of 16 DWORDS is too big for me right now, i
  need something like 4.
  i guess i have no escape but to generate them myself,
  the problem is that i probably won't do it
  professionaly :(Well - nobody will generate 32-bit RSA keys "professionally", because it'd take about 2 CPU minutes to break your keys when they're that small. 512 bits was acceptable in the eighties - current best-practice, IIRC, is 2048 bit keys for anything you're serious about protecting, and 4096-bit keys for anything you want to protect for extended periods of time.
  Grant

• Private Key for RSAalgorithm

  Hello,
  I used RSA algorithm for encryption and i can send the encrypted text to the server , on the server side
  in order to decrypt the message i passed the public key, but how to generate the private key on the server side, i am a beginner in cryptography, can anybody help me , if possible give me the coding for encryption and decryption which will work on the client side for encryption and server side for decryption,i need RSA algorithm for it

  well, but i just used receivers public key to encrypt the data at the senders side, at the receivers side both secret and public key is generated, and the receivers secret key is used to decrypt. The ecrypted text can be accessed at the receivers side but it can't be decrypted, my program part is given below
  Sender's side
  // Create a new instance of Message class, to encrypt / decrypt message
  Message M = new Message();
  // Create a new instance of Keys, to generate keys
  Keys K = new Keys ();
  // Set the Plain Text message
  M.PlainText = ta.getText(); (ta is the text area i displayed the text file)
  // Display the Plain Text message
  System.out.println (" Message:" + M.PlainText);
  // Set the Number of Rounds
  M.NumRounds = 2;
  // Display the Number of Rounds
  System.out.println (" Rounds:" + M.NumRounds);
  // Create RSA Public, Secret key pairs
  K.CreateKeys();
  // Display Public Key individual number
  System.out.println ("Public Key:" + K.PublicKey);
  // Display Secret Key individual number
  System.out.println ("Secret Key:" + K.SecretKey);
  // Display n, the shared number (of Public and Secret Keys)
  System.out.println (" n:" + K.n);
  // Encrypt the Message
  M.Encrypt (publicKey, n);
  /* where publickey and n are generated at the receivers side and saved in the database, which is taken
  at the senders side to encrypt the data. */
  // Display the Encrypted Message
  System.out.println (" Encrypted Message:" + M.CipherText);
  String crp=M.CipherText.toString();
  AT the receiving side
  // Create a new instance of Message class, to encrypt / decrypt message
  Message M = new Message();
  // Create a new instance of Keys, to generate keys
  Keys K = new Keys ();
  // Set the Plain Text message
  //M.PlainText = ta.getText();
  // Display the Plain Text message
  //System.out.println (" Message:" + M.PlainText);
  // Set the Number of Rounds
  M.NumRounds = 2;
  // Display the Number of Rounds
  System.out.println (" Rounds:" + M.NumRounds);
  // Create RSA Public, Secret key pairs
  K.CreateKeys();
  // Display Public Key individual number
  System.out.println ("Public Key:" + K.PublicKey);
  pbk=K.PublicKey.toString();
  // Display Secret Key individual number
  System.out.println ("Secret Key:" + K.SecretKey);
  // Display n, the shared number (of Public and Secret Keys)
  System.out.println (" n:" + K.n);
  bi=new BigInteger (bi.toString().concat(String.valueOf(K.SecretKey)));
  bn=new BigInteger (bn.toString().concat(String.valueOf(K.n)));
  System.out.println("SECRET:"+bi);
  System.out.println("N:"+bn);
  M.Decrypt(bi,bskbi); // where bi is secret generated at the recivers side and bn is retrieved
  from the database , n = (p-1)*(q-1) where p and q are two large priome numbers */
  at the receivers side the encrypted text can be accessed , but the text can be decrypted, what is the problem here, can u help me to change the codings
  thanks in advance

• Private Key is incorrect or Hash not Set

  SAP B1 2007A latest patch and WebTools just downloaded:-
  I am very new to WebTools and am having a problem with sync i.e. I get the following message "Private Key is incorrect or Hash not Set" and nothing synchronsies.
  I also have "NO INTERNAL ACCOUNT 630" in the Web Tools section of Server Configuration screen - I do not know if this problem is related to the problem above.
  What services need to run in the SAP Business One Service Manager for Web CRM and\or Web Shop to work?
  Thanks
  Ian

  Hi Ian,
  as you are new to Webtools, you might not be aware of our Webtools landing page that has links to very useful documentation to help you setup a Webtools installation correctly. Please see:
  https://service.sap.com/smb/sbo/webtools
  The following guide should help you:
  SAP Business One E-Commerce and Web CRM 6 - Administrator's Guide
  Kind Regards,
  Lilian Lynch
  SAP Business One Forums Team

• Private key error

  I used the certificate app to create a Private Key file (in .der format)
  and a .pem request.
  But when I specify it in the SSL section and reatsrt the server I get an
  error message:
  Any Ideas ?
  Also When I double click the .der file even Windows says its an "Invalid
  Security Certificate File"
  WLS 6.1 SP3
  Also I think the error is deceiving since the file is present in the
  directory referred by WLS
  Thanks in advance
  N Rao
  <Oct 9, 2002 11:31:57 AM CDT> <Notice> <WebLogicServer> <Starting WebLogic
  Admin
  Server "myserver" for domain "mydomain">
  <Oct 9, 2002 11:31:57 AM CDT> <Alert> <WebLogicServer> <Security
  configuration p
  roblem with certificate file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS-key.der
  , java.lang.Exception: Required file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS
  -key.der which is specified by ServerKeyFileName, was not found>
  java.lang.Exception: Required file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS-k
  ey.der which is specified by ServerKeyFileName, was not found
  at
  weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
  enThread.java:154)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:386)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1097)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:490)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:206)
  at weblogic.Server.main(Server.java:35)
  <Oct 9, 2002 11:32:08 AM CDT> <Notice> <Management> <Application Poller not
  star
  ted for production server.>
  <Oct 9, 2002 11:32:57 AM CDT> <Notice> <WebLogicServer> <ListenThread
  listening

  I got the problem.
  I simply created a new request thru the 'certificate' app and got a new
  trial id and it worked !
  Regards,
  "Naggi" <[email protected]> wrote in message
  news:[email protected]...
  Also , password for PKCS-8 encryption was left blank in the certificateapp
  >
  >
  >
  I was very interested to see your advertisement for a Senior Software
  Engineer. I have been seeking just such an opportunity as
  this, and I think my background and your requirements may be a good match.
  My resume is enclosed for your review.
  Thank you for your attention to these materials. I certainly look forwardto
  exploring this further.
  Yours truly,
  Nagraj C Rao
  "Naggi" <[email protected]> wrote in message
  news:[email protected]...
  I used the certificate app to create a Private Key file (in .der format)
  and a .pem request.
  But when I specify it in the SSL section and reatsrt the server I get an
  error message:
  Any Ideas ?
  Also When I double click the .der file even Windows says its an "Invalid
  Security Certificate File"
  WLS 6.1 SP3
  Also I think the error is deceiving since the file is present in the
  directory referred by WLS
  Thanks in advance
  N Rao
  <Oct 9, 2002 11:31:57 AM CDT> <Notice> <WebLogicServer> <Starting
  WebLogic
  Admin
  Server "myserver" for domain "mydomain">
  <Oct 9, 2002 11:31:57 AM CDT> <Alert> <WebLogicServer> <Security
  configuration p
  roblem with certificate file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS-key.der
  , java.lang.Exception: Required file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS
  -key.der which is specified by ServerKeyFileName, was not found>
  java.lang.Exception: Required file
  C:/bea/wlserver6.1/config/mydomain/MY-WKS-k
  ey.der which is specified by ServerKeyFileName, was not found
  at
  weblogic.t3.srvr.SSLListenThread.resolvePropertyFromLocalFile(SSLList
  enThread.java:154)
  atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:386)
  atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:301)
  atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1097)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:490)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:206)
  at weblogic.Server.main(Server.java:35)
  <Oct 9, 2002 11:32:08 AM CDT> <Notice> <Management> <Application Pollernot
  star
  ted for production server.>
  <Oct 9, 2002 11:32:57 AM CDT> <Notice> <WebLogicServer> <ListenThread
  listening

• Private Key Not Found Error in Ldaps

  Hi,
  I am facing "Private Key Not Found" Error in ldaps. The key and the SSL certificate is stored under the same location. The certificate is self signed certificate and in .pem format. When I am trying to install the certifcate through SUN ONE Console it throws the following error
  "Either this certificate is for another server, or this certificate was not requested using this server".
  can any one help me in this regard.
  Regards
  Senthil
  Edited by: senlog80 on Dec 30, 2008 3:18 AM

  Or even better, check the note <a href="https://websmp110.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=924320&_NLANG=E">924320</a>.
  <b>Symptom</b>:
  When you execute a query with virtual characteristics or key figures, the system issues the following error message:
  Object FIELD I_S_DATA-<key figure> not found
  <b>Other terms</b>
  RSR00002, RSR_OLAP_BADI
  <b>Reason and Prerequisites</b>
  This problem is caused by a program error.
  <b>Solution</b>
  If the virtual characteristics or key figures are implemented using the enhancement RSR00002 (CMOD), implement the corrections.
  If the virtual characteristics or key figures were created directly as implementations of the RSR_OLAP_BADI BAdI, compare the source code of the INITIALIZE method with the corresponding source code example. During the call of GET_FIELD_POSITIION_D, <L_S_SK>-VALUE_RETURNNM must be transferred instead of <L_S_SFK>-KYFNM.
  Import Support Package 08 for SAP NetWeaver 2004s BI (BI Patch 08 or SAPKW70008) into your BI system. The Support Package is available when Note 0872280"SAPBINews BI 7.0 Support Package 08", which describes this Support Package in more detail, is released for customers.
  In urgent cases, you can use the correction instructions.
  To provide advance information, the note mentioned above may be available before the Support Package is released. In this case, the short text of the note still contains the words "Preliminary version".
  Assign pts if helpful.

• Private key from 5.1 to 7.0

  Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. The private
  key generated by WLS 5.1 does not use any password, and can therefore not be
  used with 7.0
  Do I have to generate a new private key and order a new SSL certificate, or
  is there a way I can assign a password to my existing private key so I can
  continue using this ??
  Thanx in advance !!!
  Jan Espen Hansen

  Thanks a lot Tony !!!!! This solved my problem.
  JEH
  "Tony" <TonyV> wrote in message news:[email protected]..
  Incorrect PEM headers/footers can confuse the tool.
  Double check that the header and footer for your PEM file match thecontents
  of the
  data in the file.
  If it was an unprotected RSA private key, the header and footer shouldlook
  like
  this:
  -----BEGIN RSA PRIVATE KEY-----
  -----END RSA PRIVATE KEY-----
  It should not say it is a certificate (which is the default for theder2pem
  utility), and it
  should not say it is an encrypted private key.
  Tony
  "a" <[email protected]> wrote in message news:3f9f7705$[email protected]..
  Hi, and thank you for your answer. I've tried the tool you mention, but
  I
  get the following error message:
  "Error parsing BER private key data 3000"
  Since my private key is in .der format I have first run the weblogicutil
  utils.der2pem on it, but I still get this error message.
  Any ideas ??
  JEH
  "Tony" <TonyV> wrote in message news:[email protected]..
  You should not have to generate a new key.
  There is a native tool that is supplied on the WLS kit that can
  protect
  an
  unprotected private key for you:
  wlkeytool inputkey.pem outputkey.pem
  It will prompt for passwords, I believe that will do what you want.
  Tools such as OpenSSL should also be able to protect the private key.
  Tony
  "Janne K" <[email protected]> wrote in message
  news:[email protected]..
  Hi, we're currently upgrading from WebLogic server 5.1 to 7.0. Theprivate
  key generated by WLS 5.1 does not use any password, and can
  therefore
  not
  be
  used with 7.0
  Do I have to generate a new private key and order a new SSL
  certificate,
  or
  is there a way I can assign a password to my existing private key so
  I
  can
  continue using this ??
  Thanx in advance !!!
  Jan Espen Hansen

• SSL & generated private key

  I generated a CSR with the certificate servlet. I modified
  config.xml in order to set the right files :
  <SSL Enabled="true" ListenPort="7002" Name="test2" ServerCertificateChainFileName="config/mydomain/cacrt.pem"
  ServerCertificateFileName="config/mydomain/servercert.pem"
  ServerKeyFileName="config/mydomain/serverkey.der"/>
  The serverkey.der is a copy of the file generated by the
  certificate servlet.
  At startup the following error occurs :
  <30 juil. 01 20:23:26 CEST> <Alert> <WebLogicServer> <Security configuration problem
  with certificate file config/mydomain/serverkey.der, java.io.EOFException>
  java.io.EOFException
  at weblogic.security.Utils.inputByte(Utils.java:133)
  at weblogic.security.ASN1.ASN1Header.inputTag ASN1Header.java:125)
  at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:119)
  at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:119)
  at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
  at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
  at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1028)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:475)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:197)
  at weblogic.Server.main(Server.java:35)
  More over the conversion of the serverkey.der in serverkey.pem
  with openssl gives the following error :
  openssl rsa -in serverkey.der -outform PEM -out serverkey.pem
  read RSA key
  unable to load key
  1276:error:0906D06C:PEM routines:PEM_read_bio:no start line:./crypto/pem/pem_lib
  .c:662:Expecting: ANY PRIVATE KEY
  and reading the file by the default W2K reader gives an error too.
  Need help !

  Agree with S Guna, the ISP/Certificate Authority won't generate the private key, the request from your Lync server does.  So the private key is already sitting on your Lync 2010 Server.  Once you import the certificate generated by the certificate
  authority, the private key and certificate should be paired and can be assigned to Lync.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications