Export PKCS12 files to PEM format using OpenSSL
Not all applications use the same certificate format. Sometimes, it is necessary to convert between the different key / certificates formats that exist. Some interesting resources online to figure that out are: (a) OpenSSL’s homepage and guide (b) Keytool’s user reference In our scenario here we have a PKCS12 file which is a private/public key pair widely used, at least on Windows platforms. We want to convert to another format, namely PEM. OpenSSL does that very nicely: openssl pkcs12 -in alice.p12 -passin pass:password -out alice.pem You will need to have openssl installed. It works on either Windows or Linux. The -in option specifies what file to read the keys / certificates from. This is our PKCS12 file. -passin lets the […]
Securing web services with Metro – com.sun.xml.wss.impl.XWSSecurityRuntimeException: PrivateKey returned by PrivateKeyCallback was Null
Typical exception: PrivateKey returned by PrivateKeyCallback was Null SEVERE: WSS1417: Error while processing signature java.lang.RuntimeException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: PrivateKey returned by PrivateKeyCallback was Null 09-Apr-2010 10:27:09 com.sun.xml.wss.jaxws.impl.SecurityTubeBase secureOutboundMessage SEVERE: WSSTUBE0024: Error in Securing Outbound Message. com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: java.lang.RuntimeException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: PrivateKey returned by PrivateKeyCallback was Null at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:241) at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:93) at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:268) at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:186) at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:147) at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:346) at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:236) at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:167) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439) at com.sun.xml.ws.client.Stub.process(Stub.java:222) at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:135) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:109) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:89) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:118) at $Proxy48.instanceAccessQuery3(Unknown Source) at eu.webfarmr.servlet.ws.WSConnection.evaluate(WSConnection.java:156) at eu.webfarmr.servlet.ServletEnforcer.enforce(ServletEnforcer.java:150) at eu.webfarmr.servlet.AuthFilter.doFilter(AuthFilter.java:133) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:558) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:619) Caused by: com.sun.xml.wss.XWSSecurityException: java.lang.RuntimeException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: PrivateKey returned by […]
Import PKCS12 private keys into JKS keystores using Java Keytool
This is very simple yet when I googled around I saw erratic answers such as ‘it is not possible’ or ‘you have to write java code’. As a matter of fact, keytool (a key management utility shipped in Sun’s JDK) lets you do it simply. What do you want to do? Convert alice.p12 to alice.jks Why do you want to do that? In Metro, a WS stack, it is common to use JKS as a format for storing private keys How do you convert then? See below Keytool’s documentation refers to the following option -importkeystore [-v] [-srckeystore ] [-destkeystore ] [-srcstoretype ] [-deststoretype ] [-srcstorepass ] [-deststorepass ] [-srcprotected] [-destprotected] [-srcprovidername ] [-destprovidername ] [-srcalias [-destalias ] [-srckeypass ] [-destkeypass […]
SFI In Täby – First Lesson Of Swedish
Truth be told, my first encounter with the Swedish language was possibly when faced with a new keyboard layout. If it is similar in most aspects to the English one, it does have a few intruders, namely ä, å, and ö. I couldn’t help but stare at this part of the keyboard where the 3 keys lived, cozily nestled between the letter L, and the key where the backslash would normally reside on a US keyboard, just to the left of the return key. WONDERS OF A NORDIC ALPHABET: FROM A TO Ö My second – equally surprising – encounter was with the Swedish alphabet. In my twenty-odd years of written and spoken life (thus discounting the mute diaper years), […]