[英]java.io.IOException: exception unwrapping private key - java.security.InvalidKeyException: pad block corrupted
I am trying to connect an android app to an XML web service under IIS over SSL (Self Signed SSL).我正在尝试通过 SSL(自签名 SSL)将一个 android 应用程序连接到 IIS 下的 XML Web 服务。 I've followed below procedure:
我遵循了以下程序:
Converting pfx to jks将 pfx 转换为 jks
keytool -importkeystore -srckeystore cert.pfx -srcstoretype pkcs12
-destkeystore cert.jks -deststoretype pkcs12
Reading the content of jks阅读jks的内容
KeyStore keyStore = KeyStore.getInstance("pkcs12");
InputStream in = _context.getResources().openRawResource(R.raw.cert);
try
{
keyStore.load(in, "123456".toCharArray());
mgrFact.init(keyStore, "123456".toCharArray());
}
catch (Throwable t)
{
logger.error(t.getMessage());
}
finally
{
in.close();
}
And now keyStore.load
throws the following exception现在
keyStore.load
抛出以下异常
java.io.IOException: exception unwrapping private key
-java.security.InvalidKeyException: pad block corrupted
Where may I've made a mistake?我可能在哪里犯了错误?
In fact, I followed what has been described here事实上,我遵循了这里描述的内容
Thanks谢谢
I know that the question is 4 years old, but just in case someone else get the same error:我知道这个问题已经有 4 年了,但以防万一其他人遇到同样的错误:
I don't know why but there seem to be differences between the keystore generated with keytool of OpenJDK 11 and the one (with same certificates / keys / passwords) generated by keytool of Oracle JDK 8.我不知道为什么,但 OpenJDK 11 的 keytool 生成的密钥库与 Oracle JDK 8 的 keytool 生成的密钥库(具有相同的证书/密钥/密码)之间似乎存在差异。
The problem for me arose using the keystore-jdk11.p12
under我的问题是使用下的
keystore-jdk11.p12
I fixed this simply reimporting the content of the keystore generated with OpenJDK 11 with keytool of Oracle JDK 8, with我修复了这个问题,只需使用 Oracle JDK 8 的 keytool 重新导入 OpenJDK 11 生成的密钥库的内容,
/path/of/jdk8.241/bin/keytool \
-importkeystore \
-srckeystore keystore-jdk11.p12 \
-destkeystore keystore-jdk8.p12 \
-deststoretype pkcs12
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.