drallgood / jpasskit

jPasskit is a Java™ implementation of the Apple™ PassKit Web Service.
Apache License 2.0

Missing documentation for jPasskit Server properties #55

Closed RommelTJ closed 9 years ago

RommelTJ commented 9 years ago

Great project. Hitting a few snags with the jPasskit Server component, though. Do we have any documentation or suggestions for the following properties? I apologize in advance if the questions are too basic.

rest.bindIP
rest.bindPort
rest.ssl.enabled
rest.ssl.keystore.path
rest.ssl.keystore.type
rest.ssl.keystore.password
rest.ssl.key.password

I couldn't find any IP or Port requirements on Apple's developer website. Do I just put localhost and the port that the server is running on?
I assume rest.ssl.enable must be set to "true", so rest.ssl.enabled = true
For keystore path, is it java-home/lib/security/cacerts?
For type, my certificate ends in .p12, so that's PKC12 for rest.ssl.keystore.type, correct?
rest.ssl.keystore.password is the password for cacerts above?
rest.ssl.key.password is the password used when generating the .p12 certificate?

If the above is correct, how do I add the .p12 file to cacerts?

Once this is clear, I intend to submit a Pull Request with this info.

RommelTJ commented 9 years ago

So I figured out the .p12 is a keystore (?) and the keystore password is the password I created using keytool. I still don't know which password to use for rest.ssl.key.password, nor what to use for rest.bindIP or rest.bindPort.

RommelTJ commented 9 years ago

For clarification, below are the error messages I'm getting:

ATTEMPTING TO START PASSKIT SERVER
Oct 13, 2015 12:07:31 PM org.restlet.engine.ssl.SslUtils getSslContextFactory
WARNING: Unable to find SslContextFactory class: org.restlet.ext.ssl.PkixSslContextFactory
java.lang.ClassNotFoundException: org.restlet.ext.ssl.PkixSslContextFactory
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1483)
    at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1329)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:264)
    at org.restlet.engine.ssl.SslUtils.getSslContextFactory(SslUtils.java:135)
    at org.restlet.ext.simple.HttpsServerHelper.start(HttpsServerHelper.java:90)
    at org.restlet.Server.start(Server.java:579)
    at org.restlet.Component.startServers(Component.java:642)
    at org.restlet.Component.start(Component.java:567)
    at de.brendamour.jpasskit.server.PKRestServer.start(PKRestServer.java:57)
    at edu.sandiego.restfulUtil.resources.USDPasskit.<init>(USDPasskit.java:26)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
    at java.lang.Class.newInstance(Class.java:442)
    at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1116)
    at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:809)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:129)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Thread.java:745)

ATTEMPTING TO START PASSKIT SERVER FAILED
java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded
    at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:410)
    at java.security.KeyStore.getKey(KeyStore.java:1023)
    at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:133)
    at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
    at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
    at org.restlet.engine.ssl.DefaultSslContextFactory.createSslContext(DefaultSslContextFactory.java:323)
    at org.restlet.ext.simple.HttpsServerHelper.start(HttpsServerHelper.java:92)
    at org.restlet.Server.start(Server.java:579)
    at org.restlet.Component.startServers(Component.java:642)
    at org.restlet.Component.start(Component.java:567)
    at de.brendamour.jpasskit.server.PKRestServer.start(PKRestServer.java:57)
    at edu.sandiego.restfulUtil.resources.USDPasskit.<init>(USDPasskit.java:26)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
    at java.lang.Class.newInstance(Class.java:442)
    at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1116)
    at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:809)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:129)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Thread.java:745)
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:966)
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
    at com.sun.crypto.provider.PKCS12PBECipherCore.implDoFinal(PKCS12PBECipherCore.java:399)
    at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede.engineDoFinal(PKCS12PBECipherCore.java:431)
    at javax.crypto.Cipher.doFinal(Cipher.java:2165)
    at sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:348)
    ... 29 more

RommelTJ commented 9 years ago

Never mind! I got it to work by deleting the rest.ssl.key.password. I'm guessing it's optional? I still need clarification or a sample setup if possible, but the server is running and serving requests.

drallgood commented 9 years ago

Hey @RommelTJ, glad you figured it out on your own. The rest.ssl.key.password is optional and might be needed in case your private key is protected by a password (which might be different from the password for the pkcs12 file). I'm going to try to update the documentation to make this a little bit clearer.

Thanks for the heads up and sorry for the late reply.
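
An added example, not part of the thread or of jPasskit's own code: a stand-alone Java check of the two passwords discussed above (the keystore password and the optional key password), run against a constructed in-memory PKCS12 store. The class and method names are hypothetical, the AES entry stands in for a TLS private key, and trying the keystore password when no key password is configured is an assumption of this example; JDK 11 or later is assumed.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import javax.crypto.KeyGenerator;

public class KeyPasswordCheck {

    /** Opens the store, then tries to recover the entry the way a TLS key manager would. */
    static String check(byte[] p12, String alias, char[] storePw, char[] keyPw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        // A wrong store password already fails here with an IOException.
        ks.load(new ByteArrayInputStream(p12), storePw);
        // Assumption: with no key password configured, the store password is tried.
        char[] effective = (keyPw == null || keyPw.length == 0) ? storePw : keyPw;
        try {
            return ks.getKey(alias, effective) != null ? "OK" : "NO_KEY_ENTRY";
        } catch (UnrecoverableKeyException e) {
            // The failure shown in the thread's second stack trace.
            return "WRONG_KEY_PASSWORD";
        }
    }

    /** Constructed sample: an in-memory PKCS12 store holding one password-protected entry. */
    static byte[] sampleStore(String alias, char[] storePw, char[] keyPw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        ks.setKeyEntry(alias, kg.generateKey(), keyPw, null); // no certificate chain needed
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePw);
        return out.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        char[] storePw = "store-secret".toCharArray(); // constructed values
        char[] keyPw = "key-secret".toCharArray();
        byte[] shared = sampleStore("pass", storePw, storePw); // one password for both
        byte[] split = sampleStore("pass", storePw, keyPw);    // key has its own password

        System.out.println("shared, key password unset : " + check(shared, "pass", storePw, null));
        System.out.println("shared, stray key password : " + check(shared, "pass", storePw, keyPw));
        System.out.println("split,  key password unset : " + check(split, "pass", storePw, null));
        System.out.println("split,  key password set   : " + check(split, "pass", storePw, keyPw));
    }
}
```

The "stray key password" case is consistent with what the thread reports: the server started once rest.ssl.key.password was removed.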