rouxemmanuel / DigitalSigning

Digital Signing Alfresco plugin
45 stars 39 forks source link

Problrm while importing key file #35

Closed pawelciesielka closed 7 years ago

pawelciesielka commented 7 years ago

I have key (mykey.p12) exported from .pfx store when I try to import it I have error : 03180002 DerInputStream.getLength(): lengthTag=109, too big. Commands used to generate key are: keytool.exe -genkeypair -alias my_certificate -keystore mykeystore.pfx -storepass passw0rd -validity 365 -keyalg RSA -keysize 2048 -storetype pkcs12 keytool -export -keystore c:\tmp\mykeystore.pfx -storetype pkcs12 -alias bcg -file c:\tmp\my_cert.p12

Is my key file in wrong format?

rouxemmanuel commented 7 years ago

Hello,

Can you give me the full stack trace in alfresco.log ?

Thanks. Regards, Emmanuel

rouxemmanuel commented 7 years ago

Hi,

Can you test with the new 1.2.0 release and come back to me if the problem still exists ?

Regards, Emmanuel

bshiundu commented 7 years ago

Hello Emmanuel,

I just tested with the 1.2.0 release and I get a different error ... Stack Trace below ..

2017-06-28 11:35:00,019 ERROR [org.alfresco.plugin.digitalSigning.webscript.SignUpload] [http-apr-8800-exec-11] DER input, Integer tag error java.io.IOException: DER input, Integer tag error at sun.security.util.DerInputStream.getInteger(DerInputStream.java:168) at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1916) at java.security.KeyStore.load(KeyStore.java:1445) at org.alfresco.plugin.digitalSigning.webscript.SignUpload$1.execute(SignUpload.java:251) at org.alfresco.plugin.digitalSigning.webscript.SignUpload$1.execute(SignUpload.java:89) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:464) at org.alfresco.plugin.digitalSigning.webscript.SignUpload$2.doWork(SignUpload.java:328) at org.alfresco.plugin.digitalSigning.webscript.SignUpload$2.doWork(SignUpload.java:326) at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:555) at org.alfresco.plugin.digitalSigning.webscript.SignUpload.executeImpl(SignUpload.java:325) at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64) at org.alfresco.repo.web.scripts.RepositoryContainer$3.execute(RepositoryContainer.java:519) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:464) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:587) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:656) at org.alfresco.repo.web.scripts.RepositoryContainer.executeScriptInternal(RepositoryContainer.java:428) at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:308) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:399) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:210) at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:132) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.alfresco.module.aosmodule.service.ContextRootFilter.doFilter(ContextRootFilter.java:93) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) at org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2403) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)

bshiundu commented 7 years ago

My Alfresco specs: Alfresco Share v5.2.e (r135148-b16, Aikau 1.0.101.3, Spring Surf 5.2.e, Spring WebScripts 6.13, Freemarker 2.3.20-alfresco-patched, Rhino 1.7R4-alfresco-patched, Yui 2.9.0-alfresco-20141223) + Alfresco Community v5.2.0 (r135134-b14) schema 10005

bshiundu commented 7 years ago

OK - I generated a self-signed key using openssl and it works perfectly on alfresco 5.2.e My steps:

  1. openssl req -newkey rsa:2048 -nodes -keyout mykey.pem -x509 -days 365 -out mycertificate.pem
  2. openssl pkcs12 -inkey mykey.pem -in mycertificate.pem -export -out my_alfresco_certificate.p12