madeindra / signal-setup-guide

Setup guide for Signal (OpenWhisper) server & client. Please refer to the discussion section for questions & difficulties.
MIT License
156 stars 95 forks source link

Configuration certificate issue #53

Open KashifAhmed opened 3 years ago

KashifAhmed commented 3 years ago

After resolving lot's of issue now I am stuck on certificate issue java -jar service/target/TextSecureServer-3.21.jar server service/config/config.yml INFO [2021-04-01 22:22:25,876] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: / INFO [2021-04-01 22:22:25,885] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: / java.lang.ClassCastException: class org.bouncycastle.jce.PKCS10CertificationRequest cannot be cast to class java.security.cert.X509Certificate (org.bouncycastle.jce.PKCS10CertificationRequest is in unnamed module of loader 'app'; java.security.cert.X509Certificate is in module java.base of loader 'bootstrap') at org.whispersystems.textsecuregcm.push.RetryingApnsClient.initializeCertificate(RetryingApnsClient.java:76) at org.whispersystems.textsecuregcm.push.RetryingApnsClient.<init>(RetryingApnsClient.java:49) at org.whispersystems.textsecuregcm.push.APNSender.<init>(APNSender.java:70) at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:246) at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151) at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44) at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87) at io.dropwizard.cli.Cli.run(Cli.java:78) at io.dropwizard.Application.run(Application.java:94) at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406) Is anyone know how to resolve this one.

madeindra commented 3 years ago

@KashifAhmed are you sure your apns certificate is in a correct format?

alansunny3 commented 3 years ago

@KashifAhmed not sure if you are building it for android or ios but i had few issues with the apn config even though i was building it only for android. When passing null for apn config it didn't like so i was forced to input some cert (i used the cert and key from letsencrypt) that it will accept.

below is the commands i used to create the cert for apn in order to stop it complaining regards to apn certs.

this command will format the cert key, just copy and paste it to the pushCertificate sudo awk 'NF {sub(/\r/, ""); printf "%s\n",$0;}' /etc/letsencrypt/live/yourdomain/cert.key

the private key shouldn't contain any passphrase so the below command will create a new private key without any passphrase.

openssl rsa -in /etc/letsencrypt/live/yourdomain/privkey.pem -out /tmp/keywithoutpass.pem

format the private key and paste it to pushKey, make sure you use double quotes around the keys in the config.