Win a copy of The Way of the Web Tester: A Beginner's Guide to Automating Tests this week in the Testing forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Unable to establish SSL connection using Java PKCS11

Narasimha Bhamidipati
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am currently trying to establish SSL connectivity using eToken via PKCS11.
The PKCS11 provider is setup and I can read the 3 stored certificates as a key Store Object.
But I am getting the following exception while trying to establish SSL connectivity.
I am using JDK 6.0(java version "1.6.0_31-rev).

at Source)
Caused by: Unsupported key type: SunPKCS11-aladdin-0 RSA private key, 2048 bits (id 147980297, token object, sensitive, unextractable)
at javax.crypto.Cipher.b(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)

KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = getClientKeyStore(); //read Smart Card Token to get the Certificate
kmf.init(keyStore, "mycardPin".toCharArray()); //#### hard coded the i/p parms

TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("C:\\Users\\usr1\\Desktop\\Certifi cates\\mycertca.jks"), "mycardPin".toCharArray());

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
factory = sslContext.getSocketFactory();
sslClient = (SSLSocket) factory.createSocket(host, port);
sslClient.startHandshake(); //<--- code is breaking here with the above exception

I am struggling like anything for the last 4 days to get rid of this issue. Please let me know is there any work-around to fix this issue.
I really appreciate your help.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic