Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Keytool  RSS feed

 
Mark Herschberg
Sheriff
Posts: 6037
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am using certicom's security builder package for my crypto implementation. (It uses ECC, but I don't think that should make a difference here.) We have certicom as a provider, and are trying to use the Keytool to generate a certificate. It isn't working.
Certicom claims that although they meet the provider API, Keytool requires a difference interface which they do not meet. This surprises me, since I would have thought that Keytool simply uses the JCE APIs to do it's work. ANyone know how Keytool works?
When we do run Keytool, it complains that it can't find a signature algorithm. We have both tries specifying a signature algorithm as well as not specifying one, and letting the tool try to find one. Perhaps the signature algorithm isn't defined in some configuration file of Certicom's, certainly the algorithm exists.
Any thoughts?

--Mark
 
Lewin Chan
Ranch Hand
Posts: 214
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mark
Keytool is just a wrapper around JCE api, so you should be able to use certicom as the provider...
When you run keytool, you should add certicom as a provider. you can do this by using
keytool -genkey
-sigalg "MD5withRSA"
-provider "com.certicom.SecurityProvider()"
-alias "myAlias" etc. etc.
I'm not sure if keytool will use the security.provider flag in the java.security file in $JAVA_HOME/jre/lib/security
--Lewin
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!