JDK-8180819 No installed provider supports this key: sun.security.pkcs.PKCS8Key
Adam Petcher
adam.petcher at oracle.com
Tue Nov 14 15:34:49 UTC 2017
On 11/13/2017 2:20 PM, Florian Bruckner (3kraft) wrote:
> Hi,
>
> have just stumbled upon a quite strange behavior in a SSL connection
> with a client certificate.
Looks like your private key is BER encoded. I think this is supposed to
be fine, but the code is being a bit too strict and rejecting it. There
was a change around 8u121 that added some more DER enforcement. Can you
try converting everything to DER to see if that clears up the problem?
You can do this with openssl e.g.:
openssl pkcs12 -in pkcs12-file -out key-and-cert -nodes -passin pass:abcXYZ
openssl pkcs12 -in key-and-cert -export -out new-pkcs12-file -passout
pass:abcXYZ
The JKS exception doesn't really provide a lot of information. It would
be helpful if you could import the DER-formatted PKCS#12 file back into
JKS and let me know if that works.
More information about the security-dev
mailing list