java keytool 给出“最终块未正确填充"
按照 本 Jetty 指南的第 3b 步使用 Keytool 和 OpenSSL,最后步骤,我正在执行命令:
Per step 3b of this Jetty guide for using Keytool and OpenSSL, last step, I'm doing the command:
keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
当我运行命令时,我得到:keytool error: java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not proper padding
When I run the command, I get: keytool error: java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded
你知道如何解决这个问题吗?
Do you know how to resolve this?
推荐答案
在我的例子中,我已经使用我下载的 Windows openSSL 完成了一些步骤,而其他步骤则使用了 CentOs6 机器上已经存在的 openSSL.当我在 CentOs/linux 机器上完成所有步骤后,错误就消失了.
In my case, I had done some of the steps using Windows openSSL that I downloaded, and other steps using the openSSL already existing on the CentOs6 box. When I did all the steps on the CentOs/linux box, the error went away.
次要注意linux openSSL和Godaddy,注意当你开始创建CSR"过程时,使用2048生成site.key,即:
Secondary perhaps helful note linux openSSL and Godaddy, note when you begin the "create CSR" process, use 2048 in generating the site.key, namely:
openssl genrsa -des3 -out site.key 2048
openssl genrsa -des3 -out site.key 2048
-----------------更新------------------
----------------- update ------------------
我认为这个错误与我在步骤中遇到的密码问题有关.
I think this error is instead related to a password problem I made in the steps.
做完之后:
openssl pkcs12 -export -inkey jetty.key -in cert-chain.txt -out jetty.pkcs12
工具提示,输入导出密码:
the tool prompts, Enter Export Password:
输入的这个密码,必须在下一步使用,我做的是:
This password entered, must then be used in the next step, the one I did was:
java -classpath jetty-util-6.1.19.jar:jetty-6.1.19.jar org.mortbay.jetty.security.PKCS12Import jetty.pkcs12 keystore
但是根据 本文档,该步骤显然同样是:
however per this documentation that step may apparently equally be:
keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
相关文章