Hello,
I have a working EJBCA installation and a Ciphermail installation. I
followed the instructions on this guide:
http://www.ciphermail.com/documents/ciphermail-EJBCA-guide.pdf
Whenever I try to use Ciphermail with the EJBCA to generate a
certificate I get the following error:
Certificate issued failed. Message: WebServiceCheckedException:
NoSuchAlgorithmException: PBE AlgorithmParameters not available
Both Ciphermail and EJBCA use OpenJDK 7 to run, the platform is a Linux
server (Gentoo)
Have you seen these errors before and would you know how to resolve?
Stack trace is :
Caused by: java.io.IOException: parseAlgParameters failed: PBE
AlgorithmParameters not available at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:561)
at
sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1287)
at java.security.KeyStore.load(KeyStore.java:1214) at
mitm.common.security.keystore.KeyStoreLoader.loadKeyStore(KeyStoreLoader.java:99)
at
mitm.common.security.ca.handlers.ejbca.StaticEJBCACertificateRequestHandlerSettings.getKeyStore(StaticEJBCACertificateRequestHandlerSettings.java:201)
... 65 more Caused by: java.security.NoSuchAlgorithmException: PBE
AlgorithmParameters not available at
sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at
java.security.Security.getImpl(Security.java:695) at
java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146)
at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:557)
... 69 more
Was this keystore generated by EJBCA?
Kind regards,
Martijn Brinkers
···
On 08/17/2014 04:53 PM, Stephane Schitter wrote:
Hello,
I have a working EJBCA installation and a Ciphermail installation. I
followed the instructions on this guide:
http://www.ciphermail.com/documents/ciphermail-EJBCA-guide.pdf
Whenever I try to use Ciphermail with the EJBCA to generate a
certificate I get the following error:
Certificate issued failed. Message: WebServiceCheckedException:
NoSuchAlgorithmException: PBE AlgorithmParameters not available
Both Ciphermail and EJBCA use OpenJDK 7 to run, the platform is a Linux
server (Gentoo)
Have you seen these errors before and would you know how to resolve?
Stack trace is :
Caused by: java.io.IOException: parseAlgParameters failed: PBE
AlgorithmParameters not available at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:561)
at
sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1287)
at java.security.KeyStore.load(KeyStore.java:1214) at
mitm.common.security.keystore.KeyStoreLoader.loadKeyStore(KeyStoreLoader.java:99)
at
mitm.common.security.ca.handlers.ejbca.StaticEJBCACertificateRequestHandlerSettings.getKeyStore(StaticEJBCACertificateRequestHandlerSettings.java:201)
... 65 more Caused by: java.security.NoSuchAlgorithmException: PBE
AlgorithmParameters not available at
sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at
java.security.Security.getImpl(Security.java:695) at
java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146)
at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:557)
... 69 more
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
Hello,
Yes it was generated by EJBCA. I linked ciphermail (via the config) to a
copy of the truststore that was generated by EJBCA.
I copied the EJBCA truststore as otherwise ciphermail would not have the
authorisations to access it.
Regards,
Stephane
···
Le 17.08.2014 17:36, Martijn Brinkers a écrit :
Was this keystore generated by EJBCA?
Kind regards,
Martijn Brinkers
It somehow seems that the default provider for your JVM does not support
the PBE AlgorithmParameters type which is weird since that is a standard
algorithm.
Could it be that you have installed some additional Java security
provider? Like an HSM provider or something.
Can you try the following and send the output of the ProviderUtils
command directly to me (i.e., off list)
cd /usr/share/djigzo
java -cp djigzo.jar mitm.common.security.provider.ProviderUtils
Kind regards,
Martijn Brinkers
···
On 08/17/2014 05:55 PM, Stephane Schitter wrote:
Le 17.08.2014 17:36, Martijn Brinkers a écrit :
Was this keystore generated by EJBCA?
Kind regards,
Martijn Brinkers
Hello,
Yes it was generated by EJBCA. I linked ciphermail (via the config) to a
copy of the truststore that was generated by EJBCA.
I copied the EJBCA truststore as otherwise ciphermail would not have the
authorisations to access it.
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail
I have a working EJBCA installation and a Ciphermail installation. I
followed the instructions on this guide:
http://www.ciphermail.com/documents/ciphermail-EJBCA-guide.pdf
Whenever I try to use Ciphermail with the EJBCA to generate a
certificate I get the following error:
Certificate issued failed. Message: WebServiceCheckedException:
NoSuchAlgorithmException: PBE AlgorithmParameters not available
Both Ciphermail and EJBCA use OpenJDK 7 to run, the platform is a Linux
server (Gentoo)
Have you seen these errors before and would you know how to resolve?
Stack trace is :
Caused by: java.io.IOException: parseAlgParameters failed: PBE
AlgorithmParameters not available at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:561)
at
sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1287)
at java.security.KeyStore.load(KeyStore.java:1214) at
mitm.common.security.keystore.KeyStoreLoader.loadKeyStore(KeyStoreLoader.java:99)
at
mitm.common.security.ca.handlers.ejbca.StaticEJBCACertificateRequestHandlerSettings.getKeyStore(StaticEJBCACertificateRequestHandlerSettings.java:201)
... 65 more Caused by: java.security.NoSuchAlgorithmException: PBE
AlgorithmParameters not available at
sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at
java.security.Security.getImpl(Security.java:695) at
java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146)
at
sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:557)
... 69 more
Just for the record (in the hope it might help others as well), it
turned out the link to sunjce_provider.jar in the dir
/user/share/djigzo/james-2.3.1/lib was no longer valid after some upgrade.
From /user/share/djigzo/james-2.3.1/lib there should be a link to
sunjce_provider.jar from the JVM you are using. For example on Ubuntu
12.04 with Java 7 the link should look like
sunjce_provider.jar ->
/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/ext/sunjce_provider.jar
A normal OS upgrade should not result in the link becoming invalid.
Kind regards,
Martijn Brinkers
···
On 08/17/2014 04:53 PM, Stephane Schitter wrote:
--
CipherMail email encryption
Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.
http://www.ciphermail.com
Twitter: http://twitter.com/CipherMail