What is the "default" password for exporting the CA keystore

View: New views

20 Messages — Rating Filter: Alert me

< Prev | 1 - 2 | Next >

	What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I am trying to export a CA keystore, but I do not know the password. I used to accept default in most stage of installation. I have tried "ejbca" but it does not work. Can anyone tell me if there is a default password of this kind, or when this password is set? Thanks a lot.
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Sorry for not providing the error message in the message before. The error message is: HTTP Status 400 - org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 key store mac invalid - wrong password or corrupted file. In description, it said: The request sent by the client was syntactically incorrect... The CA is a self signed CVC CA with soft CA token type. stupidtss wrote: I am trying to export a CA keystore, but I do not know the password. I used to accept default in most stage of installation. I have tried "ejbca" but it does not work. Can anyone tell me if there is a default password of this kind, or when this password is set? Thanks a lot.
	Re: What is the "default" password for exporting the CA keystore by Johan Eklund :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, Try "foo123". Best Regards, Johan stupidtss skrev: > Sorry for not providing the error message in the message before. The error > message is: > > HTTP Status 400 - > org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 > key store mac invalid - wrong password or corrupted file. In description, > it said: The request sent by the client was syntactically incorrect... > > The CA is a self signed CVC CA with soft CA token type. > > > > stupidtss wrote: > >> I am trying to export a CA keystore, but I do not know the password. I >> used to accept default in most stage of installation. I have tried >> "ejbca" but it does not work. >> >> Can anyone tell me if there is a default password of this kind, or when >> this password is set? Thanks a lot. >> >> > > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@... for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop smime.p7s (3K) Download Attachment
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I just try foo123 but it still not work. The same message still come out. Johan Eklund wrote: Hi, Try "foo123". Best Regards, Johan stupidtss skrev: > Sorry for not providing the error message in the message before. The error > message is: > > HTTP Status 400 - > org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 > key store mac invalid - wrong password or corrupted file. In description, > it said: The request sent by the client was syntactically incorrect... > > The CA is a self signed CVC CA with soft CA token type. > > > > stupidtss wrote: > >> I am trying to export a CA keystore, but I do not know the password. I >> used to accept default in most stage of installation. I have tried >> "ejbca" but it does not work. >> >> Can anyone tell me if there is a default password of this kind, or when >> this password is set? Thanks a lot. >> >> > > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@primekey.se for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message it is configured in conf/ejbca.properties ca.keystorepass /Tomas stupidtss wrote: > I am trying to export a CA keystore, but I do not know the password. I used > to accept default in most stage of installation. I have tried "ejbca" but > it does not work. > > Can anyone tell me if there is a default password of this kind, or when this > password is set? Thanks a lot. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I haven't made any change to that file. The line is still being commented. Is the password still foo123? Tomas Gustavsson wrote: it is configured in conf/ejbca.properties ca.keystorepass /Tomas stupidtss wrote: > I am trying to export a CA keystore, but I do not know the password. I used > to accept default in most stage of installation. I have tried "ejbca" but > it does not work. > > Can anyone tell me if there is a default password of this kind, or when this > password is set? Thanks a lot. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message In that case yes, it is foo123 stupidtss wrote: > I haven't made any change to that file. The line is still being commented. > Is the password still foo123? > > Tomas Gustavsson wrote: >> >> it is configured in conf/ejbca.properties ca.keystorepass >> >> /Tomas >> >> >> stupidtss wrote: >>> I am trying to export a CA keystore, but I do not know the password. I >>> used >>> to accept default in most stage of installation. I have tried "ejbca" >>> but >>> it does not work. >>> >>> Can anyone tell me if there is a default password of this kind, or when >>> this >>> password is set? Thanks a lot. >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message However, the same message " ... PKCS12 key store mac invalid - wrong password or corrupted file." still come out even if I create another new CVC CA. Is there any information that may help troubleshoot this case? Thanks. Tomas Gustavsson wrote: In that case yes, it is foo123 stupidtss wrote: > I haven't made any change to that file. The line is still being commented. > Is the password still foo123? > > Tomas Gustavsson wrote: >> >> it is configured in conf/ejbca.properties ca.keystorepass >> >> /Tomas >> >> >> stupidtss wrote: >>> I am trying to export a CA keystore, but I do not know the password. I >>> used >>> to accept default in most stage of installation. I have tried "ejbca" >>> but >>> it does not work. >>> >>> Can anyone tell me if there is a default password of this kind, or when >>> this >>> password is set? Thanks a lot. >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On my cvca it work if I enter foo123 in the input field and press "Export CA keystore". I get a pkcs#8 file to download. If I enter the wrong password I get the same as you get. I guess you did not specify another keystore password when you created the CVCA? /Tomas stupidtss wrote: > However, the same message " ... PKCS12 key store mac invalid - wrong password > or corrupted file." still come out even if I create another new CVC CA. Is > there any information that may help troubleshoot this case? > > Thanks. > > Tomas Gustavsson wrote: >> >> In that case yes, it is foo123 >> >> stupidtss wrote: >>> I haven't made any change to that file. The line is still being >>> commented. >>> Is the password still foo123? >>> >>> Tomas Gustavsson wrote: >>>> it is configured in conf/ejbca.properties ca.keystorepass >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I am trying to export a CA keystore, but I do not know the password. I >>>>> used >>>>> to accept default in most stage of installation. I have tried "ejbca" >>>>> but >>>>> it does not work. >>>>> >>>>> Can anyone tell me if there is a default password of this kind, or when >>>>> this >>>>> password is set? Thanks a lot. >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Here is how I create a new CVC CA: Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA -> Create -> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA -> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed -> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> Then I click the Create button Here is how I try to export the keystore: Select "NewCVC" (the newly created CVC CA) -> Edit -> In "CA export requires the keystore password", enter foo123 -> Then I click the Export CA keystore.. button The same error message come out. There is no place that I can enter password. Am I making any stupid mistakes in the above? Tomas Gustavsson wrote: On my cvca it work if I enter foo123 in the input field and press "Export CA keystore". I get a pkcs#8 file to download. If I enter the wrong password I get the same as you get. I guess you did not specify another keystore password when you created the CVCA? /Tomas stupidtss wrote: > However, the same message " ... PKCS12 key store mac invalid - wrong password > or corrupted file." still come out even if I create another new CVC CA. Is > there any information that may help troubleshoot this case? > > Thanks. > > Tomas Gustavsson wrote: >> >> In that case yes, it is foo123 >> >> stupidtss wrote: >>> I haven't made any change to that file. The line is still being >>> commented. >>> Is the password still foo123? >>> >>> Tomas Gustavsson wrote: >>>> it is configured in conf/ejbca.properties ca.keystorepass >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I am trying to export a CA keystore, but I do not know the password. I >>>>> used >>>>> to accept default in most stage of installation. I have tried "ejbca" >>>>> but >>>>> it does not work. >>>>> >>>>> Can anyone tell me if there is a default password of this kind, or when >>>>> this >>>>> password is set? Thanks a lot. >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@... >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes, and thanks. The message does not come out now. However, I still cannot download the file. There is a windows popup saying that "Internet Explorer cannot download exportca from l192.168.95.137. Internet Explorer was not able to open this Internet site. The request site is either unavailable or cannot be found. Please try again later". In the background, there is another File Download windows which is trying to download the file exportca. I know this is not an EJBCA error message, but does EJBCA require any ftp server or something else to support the CA keystore download function? In my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via localhost:8080 and 8443. What else is required? Tomas Gustavsson wrote: There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	"wrong version for PFX PDU" when importing CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I use Firefox and is OK now. I can download the .pkcs8 file. The problem should belongs to IE. However, when I try to import back the file using Import CA keystore, it fails and a red message "wrong version for PFX PDU appear. Have I done anything wrong? By the way, I notice that if I export CA keystore for the AdminCA1 (which is a x.509 CA), the file exported is a .p12 file. Is there any difference between the two? Yes, and thanks. The message does not come out now. However, I still cannot download the file. There is a windows popup saying that "Internet Explorer cannot download exportca from l192.168.95.137. Internet Explorer was not able to open this Internet site. The request site is either unavailable or cannot be found. Please try again later". In the background, there is another File Download windows which is trying to download the file exportca. I know this is not an EJBCA error message, but does EJBCA require any ftp server or something else to support the CA keystore download function? In my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via localhost:8080 and 8443. What else is required? Tomas Gustavsson wrote: There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: "wrong version for PFX PDU" when importing CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes it is different between x.509 and CVC CAs. This is because CV certificate can not be put in pkcs12 files, the pkcs12 standard does not support that. To import a CVC CA you have to use the command line interface. ejbca.sh ca importca. Regards, Tomas stupidtss wrote: > I use Firefox and is OK now. I can download the .pkcs8 file. The problem > should belongs to IE. > > However, when I try to import back the file using Import CA keystore, it > fails and a red message "wrong version for PFX PDU appear. Have I done > anything wrong? > > By the way, I notice that if I export CA keystore for the AdminCA1 (which is > a x.509 CA), the file exported is a .p12 file. Is there any difference > between the two? > > stupidtss wrote: >> Yes, and thanks. The message does not come out now. >> >> However, I still cannot download the file. There is a windows popup >> saying that "Internet Explorer cannot download exportca from >> l192.168.95.137. Internet Explorer was not able to open this Internet >> site. The request site is either unavailable or cannot be found. Please >> try again later". In the background, there is another File Download >> windows which is trying to download the file exportca. >> >> I know this is not an EJBCA error message, but does EJBCA require any ftp >> server or something else to support the CA keystore download function? In >> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via >> localhost:8080 and 8443. What else is required? >> >> >> Tomas Gustavsson wrote: >>> >>> There you go, you typed it yourself "Authentication Code: 12345". >>> >>> Regards, >>> Tomas >>> >>> >>> stupidtss wrote: >>>> Here is how I create a new CVC CA: >>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>>> CA >>>> -> Create -> >>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>> SHA1WithRSA >>>> -> >>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>>> -> >>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>> Signed >>>> -> >>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>> blank -> >>>> Then I click the Create button >>>> >>>> Here is how I try to export the keystore: >>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>> In "CA export requires the keystore password", enter foo123 -> >>>> Then I click the Export CA keystore.. button >>>> >>>> The same error message come out. >>>> >>>> There is no place that I can enter password. Am I making any stupid >>>> mistakes in the above? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> On my cvca it work if I enter foo123 in the input field and press >>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>> wrong password I get the same as you get. >>>>> >>>>> I guess you did not specify another keystore password when you created >>>>> the CVCA? >>>>> >>>>> /Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>> password >>>>>> or corrupted file." still come out even if I create another new CVC >>>>>> CA. >>>>>> Is >>>>>> there any information that may help troubleshoot this case? >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> In that case yes, it is foo123 >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>> commented. >>>>>>>> Is the password still foo123? >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>> password. >>>>>>>>>> I >>>>>>>>>> used >>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>> "ejbca" >>>>>>>>>> but >>>>>>>>>> it does not work. >>>>>>>>>> >>>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>>> when >>>>>>>>>> this >>>>>>>>>> password is set? Thanks a lot. >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@... >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >>> ------------------------------------------------------------------------------ >>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>> is the only developer event you need to attend this year. Jumpstart your >>> developing skills, take BlackBerry mobile applications to market and stay >>> ahead of the curve. Join us from November 9-12, 2009. Register >>> now! >>> http://p.sf.net/sfu/devconf >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejbca-develop@... >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	How to create a .cvcert file? by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message In the user guide on Importing CAs under CVC CAs, the importcvca requires both the .pkcs8 (private key) and the .cvcert (public key) to work. I can generate the .pkcs8 now. Under Basic Functions, I can download a .cacert.pem or a .JKS file, but they are not .cvcert file. How can I generate the .cvcert file for a CVC CA? Please help. Thanks. Tomas Gustavsson wrote: Yes it is different between x.509 and CVC CAs. This is because CV certificate can not be put in pkcs12 files, the pkcs12 standard does not support that. To import a CVC CA you have to use the command line interface. ejbca.sh ca importca. Regards, Tomas stupidtss wrote: > I use Firefox and is OK now. I can download the .pkcs8 file. The problem > should belongs to IE. > > However, when I try to import back the file using Import CA keystore, it > fails and a red message "wrong version for PFX PDU appear. Have I done > anything wrong? > > By the way, I notice that if I export CA keystore for the AdminCA1 (which is > a x.509 CA), the file exported is a .p12 file. Is there any difference > between the two? > > stupidtss wrote: >> Yes, and thanks. The message does not come out now. >> >> However, I still cannot download the file. There is a windows popup >> saying that "Internet Explorer cannot download exportca from >> l192.168.95.137. Internet Explorer was not able to open this Internet >> site. The request site is either unavailable or cannot be found. Please >> try again later". In the background, there is another File Download >> windows which is trying to download the file exportca. >> >> I know this is not an EJBCA error message, but does EJBCA require any ftp >> server or something else to support the CA keystore download function? In >> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via >> localhost:8080 and 8443. What else is required? >> >> >> Tomas Gustavsson wrote: >>> >>> There you go, you typed it yourself "Authentication Code: 12345". >>> >>> Regards, >>> Tomas >>> >>> >>> stupidtss wrote: >>>> Here is how I create a new CVC CA: >>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>>> CA >>>> -> Create -> >>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>> SHA1WithRSA >>>> -> >>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>>> -> >>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>> Signed >>>> -> >>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>> blank -> >>>> Then I click the Create button >>>> >>>> Here is how I try to export the keystore: >>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>> In "CA export requires the keystore password", enter foo123 -> >>>> Then I click the Export CA keystore.. button >>>> >>>> The same error message come out. >>>> >>>> There is no place that I can enter password. Am I making any stupid >>>> mistakes in the above? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> On my cvca it work if I enter foo123 in the input field and press >>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>> wrong password I get the same as you get. >>>>> >>>>> I guess you did not specify another keystore password when you created >>>>> the CVCA? >>>>> >>>>> /Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>> password >>>>>> or corrupted file." still come out even if I create another new CVC >>>>>> CA. >>>>>> Is >>>>>> there any information that may help troubleshoot this case? >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> In that case yes, it is foo123 >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>> commented. >>>>>>>> Is the password still foo123? >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>> password. >>>>>>>>>> I >>>>>>>>>> used >>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>> "ejbca" >>>>>>>>>> but >>>>>>>>>> it does not work. >>>>>>>>>> >>>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>>> when >>>>>>>>>> this >>>>>>>>>> password is set? Thanks a lot. >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >>> ------------------------------------------------------------------------------ >>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>> is the only developer event you need to attend this year. Jumpstart your >>> developing skills, take BlackBerry mobile applications to market and stay >>> ahead of the curve. Join us from November 9-12, 2009. Register >>> now! >>> http://p.sf.net/sfu/devconf >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejbca-develop@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message ON the basic functions, choose download the certificate. If it's called .pem it is a cvcert file, just with anohter ending. Just use that. /Tomas stupidtss wrote: > In the user guide on Importing CAs under CVC CAs, the importcvca requires > both the .pkcs8 (private key) and the .cvcert (public key) to work. > > I can generate the .pkcs8 now. Under Basic Functions, I can download a > .cacert.pem or a .JKS file, but they are not .cvcert file. How can I > generate the .cvcert file for a CVC CA? > > Please help. Thanks. > > Tomas Gustavsson wrote: >> >> Yes it is different between x.509 and CVC CAs. This is because CV >> certificate can not be put in pkcs12 files, the pkcs12 standard does not >> support that. >> To import a CVC CA you have to use the command line interface. ejbca.sh >> ca importca. >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>> problem >>> should belongs to IE. >>> >>> However, when I try to import back the file using Import CA keystore, it >>> fails and a red message "wrong version for PFX PDU appear. Have I done >>> anything wrong? >>> >>> By the way, I notice that if I export CA keystore for the AdminCA1 (which >>> is >>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>> between the two? >>> >>> stupidtss wrote: >>>> Yes, and thanks. The message does not come out now. >>>> >>>> However, I still cannot download the file. There is a windows popup >>>> saying that "Internet Explorer cannot download exportca from >>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>> site. The request site is either unavailable or cannot be found. >>>> Please >>>> try again later". In the background, there is another File Download >>>> windows which is trying to download the file exportca. >>>> >>>> I know this is not an EJBCA error message, but does EJBCA require any >>>> ftp >>>> server or something else to support the CA keystore download function? >>>> In >>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>> via >>>> localhost:8080 and 8443. What else is required? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>> >>>>> Regards, >>>>> Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> Here is how I create a new CVC CA: >>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>> CVC >>>>>> CA >>>>>> -> Create -> >>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>> -> >>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>> SHA1WithRSA >>>>>> -> >>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>> blank >>>>>> -> >>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>>>> Signed >>>>>> -> >>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>> blank -> >>>>>> Then I click the Create button >>>>>> >>>>>> Here is how I try to export the keystore: >>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>> Then I click the Export CA keystore.. button >>>>>> >>>>>> The same error message come out. >>>>>> >>>>>> There is no place that I can enter password. Am I making any stupid >>>>>> mistakes in the above? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>>>> wrong password I get the same as you get. >>>>>>> >>>>>>> I guess you did not specify another keystore password when you >>>>>>> created >>>>>>> the CVCA? >>>>>>> >>>>>>> /Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>>>> password >>>>>>>> or corrupted file." still come out even if I create another new CVC >>>>>>>> CA. >>>>>>>> Is >>>>>>>> there any information that may help troubleshoot this case? >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> In that case yes, it is foo123 >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>> commented. >>>>>>>>>> Is the password still foo123? >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>> >>>>>>>>>>> /Tomas >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>> password. >>>>>>>>>>>> I >>>>>>>>>>>> used >>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>> "ejbca" >>>>>>>>>>>> but >>>>>>>>>>>> it does not work. >>>>>>>>>>>> >>>>>>>>>>>> Can anyone tell me if there is a default password of this kind, >>>>>>>>>>>> or >>>>>>>>>>>> when >>>>>>>>>>>> this >>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@... >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks very much for your help. I generate the public key of CVC CA according to your earlier suggestion. I use the following command to try to import a CVCA (I do not use importca as importca seems to use pkcs12 file) C:\ejbca_3_9_1\bin>ejbca ca importcvca HK C:\HK.pkcs8 C:\HongKong.cacert.pem where HK is the name of the CVCA C:\HK.pkcs8 is the full path and file name to the private key C:\HongKong.cacert.pemis the full path and file name to the public key (cv cert) The following error message comes out [main] INFO org.ejbca.util.CertTools - Certificate exception trying to read CVCertificate: java.lang.IllegalArgumentException: Unknown CVC tag value 2d at ... at ... java.security.cert.CertificationException: Certificate exception trying to read CVCertificate Is there anything wrong with the public key file? What should I do? I apologize for asking so many basic simple questions here. Tomas Gustavsson wrote: ON the basic functions, choose download the certificate. If it's called .pem it is a cvcert file, just with anohter ending. Just use that. /Tomas stupidtss wrote: > In the user guide on Importing CAs under CVC CAs, the importcvca requires > both the .pkcs8 (private key) and the .cvcert (public key) to work. > > I can generate the .pkcs8 now. Under Basic Functions, I can download a > .cacert.pem or a .JKS file, but they are not .cvcert file. How can I > generate the .cvcert file for a CVC CA? > > Please help. Thanks. > > Tomas Gustavsson wrote: >> >> Yes it is different between x.509 and CVC CAs. This is because CV >> certificate can not be put in pkcs12 files, the pkcs12 standard does not >> support that. >> To import a CVC CA you have to use the command line interface. ejbca.sh >> ca importca. >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>> problem >>> should belongs to IE. >>> >>> However, when I try to import back the file using Import CA keystore, it >>> fails and a red message "wrong version for PFX PDU appear. Have I done >>> anything wrong? >>> >>> By the way, I notice that if I export CA keystore for the AdminCA1 (which >>> is >>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>> between the two? >>> >>> stupidtss wrote: >>>> Yes, and thanks. The message does not come out now. >>>> >>>> However, I still cannot download the file. There is a windows popup >>>> saying that "Internet Explorer cannot download exportca from >>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>> site. The request site is either unavailable or cannot be found. >>>> Please >>>> try again later". In the background, there is another File Download >>>> windows which is trying to download the file exportca. >>>> >>>> I know this is not an EJBCA error message, but does EJBCA require any >>>> ftp >>>> server or something else to support the CA keystore download function? >>>> In >>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>> via >>>> localhost:8080 and 8443. What else is required? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>> >>>>> Regards, >>>>> Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> Here is how I create a new CVC CA: >>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>> CVC >>>>>> CA >>>>>> -> Create -> >>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>> -> >>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>> SHA1WithRSA >>>>>> -> >>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>> blank >>>>>> -> >>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>>>> Signed >>>>>> -> >>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>> blank -> >>>>>> Then I click the Create button >>>>>> >>>>>> Here is how I try to export the keystore: >>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>> Then I click the Export CA keystore.. button >>>>>> >>>>>> The same error message come out. >>>>>> >>>>>> There is no place that I can enter password. Am I making any stupid >>>>>> mistakes in the above? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>>>> wrong password I get the same as you get. >>>>>>> >>>>>>> I guess you did not specify another keystore password when you >>>>>>> created >>>>>>> the CVCA? >>>>>>> >>>>>>> /Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>>>> password >>>>>>>> or corrupted file." still come out even if I create another new CVC >>>>>>>> CA. >>>>>>>> Is >>>>>>>> there any information that may help troubleshoot this case? >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> In that case yes, it is foo123 >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>> commented. >>>>>>>>>> Is the password still foo123? >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>> >>>>>>>>>>> /Tomas >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>> password. >>>>>>>>>>>> I >>>>>>>>>>>> used >>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>> "ejbca" >>>>>>>>>>>> but >>>>>>>>>>>> it does not work. >>>>>>>>>>>> >>>>>>>>>>>> Can anyone tell me if there is a default password of this kind, >>>>>>>>>>>> or >>>>>>>>>>>> when >>>>>>>>>>>> this >>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, thats ok to ask. Perhaps I was wrong and a PEM file is not ok. You can download a binary file with the "download to internet explorer" link. Try that instead. Regards, Tomas stupidtss wrote: > Thanks very much for your help. I generate the public key of CVC CA > according to your earlier suggestion. > > I use the following command to try to import a CVCA (I do not use importca > as importca seems to use pkcs12 file) > > C:\ejbca_3_9_1\bin>ejbca ca importcvca HK C:\HK.pkcs8 C:\HongKong.cacert.pem > where > HK is the name of the CVCA > C:\HK.pkcs8 is the full path and file name to the private key > C:\HongKong.cacert.pemis the full path and file name to the public key (cv > cert) > > The following error message comes out > > [main] INFO org.ejbca.util.CertTools - Certificate exception trying to read > CVCertificate: > java.lang.IllegalArgumentException: Unknown CVC tag value 2d > at ... > at ... > java.security.cert.CertificationException: Certificate exception trying to > read CVCertificate > > Is there anything wrong with the public key file? What should I do? > > I apologize for asking so many basic simple questions here. > > > Tomas Gustavsson wrote: >> >> ON the basic functions, choose download the certificate. If it's called >> .pem it is a cvcert file, just with anohter ending. Just use that. >> >> /Tomas >> >> >> stupidtss wrote: >>> In the user guide on Importing CAs under CVC CAs, the importcvca requires >>> both the .pkcs8 (private key) and the .cvcert (public key) to work. >>> >>> I can generate the .pkcs8 now. Under Basic Functions, I can download a >>> .cacert.pem or a .JKS file, but they are not .cvcert file. How can I >>> generate the .cvcert file for a CVC CA? >>> >>> Please help. Thanks. >>> >>> Tomas Gustavsson wrote: >>>> Yes it is different between x.509 and CVC CAs. This is because CV >>>> certificate can not be put in pkcs12 files, the pkcs12 standard does not >>>> support that. >>>> To import a CVC CA you have to use the command line interface. ejbca.sh >>>> ca importca. >>>> >>>> Regards, >>>> Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>>>> problem >>>>> should belongs to IE. >>>>> >>>>> However, when I try to import back the file using Import CA keystore, >>>>> it >>>>> fails and a red message "wrong version for PFX PDU appear. Have I done >>>>> anything wrong? >>>>> >>>>> By the way, I notice that if I export CA keystore for the AdminCA1 >>>>> (which >>>>> is >>>>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>>>> between the two? >>>>> >>>>> stupidtss wrote: >>>>>> Yes, and thanks. The message does not come out now. >>>>>> >>>>>> However, I still cannot download the file. There is a windows popup >>>>>> saying that "Internet Explorer cannot download exportca from >>>>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>>>> site. The request site is either unavailable or cannot be found. >>>>>> Please >>>>>> try again later". In the background, there is another File Download >>>>>> windows which is trying to download the file exportca. >>>>>> >>>>>> I know this is not an EJBCA error message, but does EJBCA require any >>>>>> ftp >>>>>> server or something else to support the CA keystore download function? >>>>>> In >>>>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>>>> via >>>>>> localhost:8080 and 8443. What else is required? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>>>> >>>>>>> Regards, >>>>>>> Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> Here is how I create a new CVC CA: >>>>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>>>> CVC >>>>>>>> CA >>>>>>>> -> Create -> >>>>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>>>> -> >>>>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>>>> SHA1WithRSA >>>>>>>> -> >>>>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>>>> blank >>>>>>>> -> >>>>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: >>>>>>>> Self >>>>>>>> Signed >>>>>>>> -> >>>>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>>>> blank -> >>>>>>>> Then I click the Create button >>>>>>>> >>>>>>>> Here is how I try to export the keystore: >>>>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>>>> Then I click the Export CA keystore.. button >>>>>>>> >>>>>>>> The same error message come out. >>>>>>>> >>>>>>>> There is no place that I can enter password. Am I making any stupid >>>>>>>> mistakes in the above? >>>>>>>> >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter >>>>>>>>> the >>>>>>>>> wrong password I get the same as you get. >>>>>>>>> >>>>>>>>> I guess you did not specify another keystore password when you >>>>>>>>> created >>>>>>>>> the CVCA? >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> However, the same message " ... PKCS12 key store mac invalid - >>>>>>>>>> wrong >>>>>>>>>> password >>>>>>>>>> or corrupted file." still come out even if I create another new >>>>>>>>>> CVC >>>>>>>>>> CA. >>>>>>>>>> Is >>>>>>>>>> there any information that may help troubleshoot this case? >>>>>>>>>> >>>>>>>>>> Thanks. >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> In that case yes, it is foo123 >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>>>> commented. >>>>>>>>>>>> Is the password still foo123? >>>>>>>>>>>> >>>>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>>>> >>>>>>>>>>>>> /Tomas >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>>>> password. >>>>>>>>>>>>>> I >>>>>>>>>>>>>> used >>>>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>>>> "ejbca" >>>>>>>>>>>>>> but >>>>>>>>>>>>>> it does not work. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Can anyone tell me if there is a default password of this >>>>>>>>>>>>>> kind, >>>>>>>>>>>>>> or >>>>>>>>>>>>>> when >>>>>>>>>>>>>> this >>>>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>>>> SF, >>>>>>>>>>>>> CA >>>>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>>>> Jumpstart >>>>>>>>>>>>> your >>>>>>>>>>>>> developing skills, take BlackBerry mobile applications to >>>>>>>>>>>>> market >>>>>>>>>>>>> and >>>>>>>>>>>>> stay >>>>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>>>> Register >>>>>>>>>>>>> now! >>>>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >> http://p.sf.net/sfu/devconference >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Johan Eklund :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message No EJBCA does not require any ftp server or anything. Just web. Perhaps IE has issues with SSL connections? (IE is very very bad at this). I guess it works with FireFox? What is your IE version? /Tomas stupidtss wrote: > Yes, and thanks. The message does not come out now. > > However, I still cannot download the file. There is a windows popup saying > that "Internet Explorer cannot download exportca from l192.168.95.137. > Internet Explorer was not able to open this Internet site. The request site > is either unavailable or cannot be found. Please try again later". In the > background, there is another File Download windows which is trying to > download the file exportca. > > I know this is not an EJBCA error message, but does EJBCA require any ftp > server or something else to support the CA keystore download function? In > my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via > localhost:8080 and 8443. What else is required? > > > Tomas Gustavsson wrote: > >> There you go, you typed it yourself "Authentication Code: 12345". >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >> >>> Here is how I create a new CVC CA: >>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>> CA >>> -> Create -> >>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>> SHA1WithRSA >>> -> >>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>> -> >>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>> Signed >>> -> >>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank >>> -> >>> Then I click the Create button >>> >>> Here is how I try to export the keystore: >>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>> In "CA export requires the keystore password", enter foo123 -> >>> Then I click the Export CA keystore.. button >>> >>> The same error message come out. >>> >>> There is no place that I can enter password. Am I making any stupid >>> mistakes in the above? >>> >>> >>> Tomas Gustavsson wrote: >>> >>>> On my cvca it work if I enter foo123 in the input field and press >>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>> wrong password I get the same as you get. >>>> >>>> I guess you did not specify another keystore password when you created >>>> the CVCA? >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>> >>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>> password >>>>> or corrupted file." still come out even if I create another new CVC CA. >>>>> Is >>>>> there any information that may help troubleshoot this case? >>>>> >>>>> Thanks. >>>>> >>>>> Tomas Gustavsson wrote: >>>>> >>>>>> In that case yes, it is foo123 >>>>>> >>>>>> stupidtss wrote: >>>>>> >>>>>>> I haven't made any change to that file. The line is still being >>>>>>> commented. >>>>>>> Is the password still foo123? >>>>>>> >>>>>>> Tomas Gustavsson wrote: >>>>>>> >>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>> >>>>>>>> /Tomas >>>>>>>> >>>>>>>> >>>>>>>> stupidtss wrote: >>>>>>>> >>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>> password. >>>>>>>>> I >>>>>>>>> used >>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>> "ejbca" >>>>>>>>> but >>>>>>>>> it does not work. >>>>>>>>> >>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>> when >>>>>>>>> this >>>>>>>>> password is set? Thanks a lot. >>>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>> CA >>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>> your >>>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>>> stay >>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>> now! >>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>> _______________________________________________ >>>>>>>> Ejbca-develop mailing list >>>>>>>> Ejbca-develop@... >>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>> >>>>>>>> >>>>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@... >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes. I switch to Firefox and it is OK now. Thanks very much. Johan Eklund wrote: No EJBCA does not require any ftp server or anything. Just web. Perhaps IE has issues with SSL connections? (IE is very very bad at this). I guess it works with FireFox? What is your IE version? /Tomas stupidtss wrote: > Yes, and thanks. The message does not come out now. > > However, I still cannot download the file. There is a windows popup saying > that "Internet Explorer cannot download exportca from l192.168.95.137. > Internet Explorer was not able to open this Internet site. The request site > is either unavailable or cannot be found. Please try again later". In the > background, there is another File Download windows which is trying to > download the file exportca. > > I know this is not an EJBCA error message, but does EJBCA require any ftp > server or something else to support the CA keystore download function? In > my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via > localhost:8080 and 8443. What else is required? > > > Tomas Gustavsson wrote: > >> There you go, you typed it yourself "Authentication Code: 12345". >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >> >>> Here is how I create a new CVC CA: >>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>> CA >>> -> Create -> >>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>> SHA1WithRSA >>> -> >>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>> -> >>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>> Signed >>> -> >>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank >>> -> >>> Then I click the Create button >>> >>> Here is how I try to export the keystore: >>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>> In "CA export requires the keystore password", enter foo123 -> >>> Then I click the Export CA keystore.. button >>> >>> The same error message come out. >>> >>> There is no place that I can enter password. Am I making any stupid >>> mistakes in the above? >>> >>> >>> Tomas Gustavsson wrote: >>> >>>> On my cvca it work if I enter foo123 in the input field and press >>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>> wrong password I get the same as you get. >>>> >>>> I guess you did not specify another keystore password when you created >>>> the CVCA? >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>> >>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>> password >>>>> or corrupted file." still come out even if I create another new CVC CA. >>>>> Is >>>>> there any information that may help troubleshoot this case? >>>>> >>>>> Thanks. >>>>> >>>>> Tomas Gustavsson wrote: >>>>> >>>>>> In that case yes, it is foo123 >>>>>> >>>>>> stupidtss wrote: >>>>>> >>>>>>> I haven't made any change to that file. The line is still being >>>>>>> commented. >>>>>>> Is the password still foo123? >>>>>>> >>>>>>> Tomas Gustavsson wrote: >>>>>>> >>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>> >>>>>>>> /Tomas >>>>>>>> >>>>>>>> >>>>>>>> stupidtss wrote: >>>>>>>> >>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>> password. >>>>>>>>> I >>>>>>>>> used >>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>> "ejbca" >>>>>>>>> but >>>>>>>>> it does not work. >>>>>>>>> >>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>> when >>>>>>>>> this >>>>>>>>> password is set? Thanks a lot. >>>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>> CA >>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>> your >>>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>>> stay >>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>> now! >>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>> _______________________________________________ >>>>>>>> Ejbca-develop mailing list >>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>> >>>>>>>> >>>>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop

< Prev | 1 - 2 | Next >

	What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I am trying to export a CA keystore, but I do not know the password. I used to accept default in most stage of installation. I have tried "ejbca" but it does not work. Can anyone tell me if there is a default password of this kind, or when this password is set? Thanks a lot.
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Sorry for not providing the error message in the message before. The error message is: HTTP Status 400 - org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 key store mac invalid - wrong password or corrupted file. In description, it said: The request sent by the client was syntactically incorrect... The CA is a self signed CVC CA with soft CA token type. stupidtss wrote: I am trying to export a CA keystore, but I do not know the password. I used to accept default in most stage of installation. I have tried "ejbca" but it does not work. Can anyone tell me if there is a default password of this kind, or when this password is set? Thanks a lot.
	Re: What is the "default" password for exporting the CA keystore by Johan Eklund :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, Try "foo123". Best Regards, Johan stupidtss skrev: > Sorry for not providing the error message in the message before. The error > message is: > > HTTP Status 400 - > org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 > key store mac invalid - wrong password or corrupted file. In description, > it said: The request sent by the client was syntactically incorrect... > > The CA is a self signed CVC CA with soft CA token type. > > > > stupidtss wrote: > >> I am trying to export a CA keystore, but I do not know the password. I >> used to accept default in most stage of installation. I have tried >> "ejbca" but it does not work. >> >> Can anyone tell me if there is a default password of this kind, or when >> this password is set? Thanks a lot. >> >> > > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@... for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop smime.p7s (3K) Download Attachment
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I just try foo123 but it still not work. The same message still come out. Johan Eklund wrote: Hi, Try "foo123". Best Regards, Johan stupidtss skrev: > Sorry for not providing the error message in the message before. The error > message is: > > HTTP Status 400 - > org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException: PKCS12 > key store mac invalid - wrong password or corrupted file. In description, > it said: The request sent by the client was syntactically incorrect... > > The CA is a self signed CVC CA with soft CA token type. > > > > stupidtss wrote: > >> I am trying to export a CA keystore, but I do not know the password. I >> used to accept default in most stage of installation. I have tried >> "ejbca" but it does not work. >> >> Can anyone tell me if there is a default password of this kind, or when >> this password is set? Thanks a lot. >> >> > > -- PrimeKey Solutions offers a commercial EJBCA support subscription and training for EJBCA. Please see www.primekey.se or contact info@primekey.se for more information. http://download.primekey.se/documents/ejbca_subscription.pdf http://download.primekey.se/documents/ejbca_training.pdf ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message it is configured in conf/ejbca.properties ca.keystorepass /Tomas stupidtss wrote: > I am trying to export a CA keystore, but I do not know the password. I used > to accept default in most stage of installation. I have tried "ejbca" but > it does not work. > > Can anyone tell me if there is a default password of this kind, or when this > password is set? Thanks a lot. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I haven't made any change to that file. The line is still being commented. Is the password still foo123? Tomas Gustavsson wrote: it is configured in conf/ejbca.properties ca.keystorepass /Tomas stupidtss wrote: > I am trying to export a CA keystore, but I do not know the password. I used > to accept default in most stage of installation. I have tried "ejbca" but > it does not work. > > Can anyone tell me if there is a default password of this kind, or when this > password is set? Thanks a lot. ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message In that case yes, it is foo123 stupidtss wrote: > I haven't made any change to that file. The line is still being commented. > Is the password still foo123? > > Tomas Gustavsson wrote: >> >> it is configured in conf/ejbca.properties ca.keystorepass >> >> /Tomas >> >> >> stupidtss wrote: >>> I am trying to export a CA keystore, but I do not know the password. I >>> used >>> to accept default in most stage of installation. I have tried "ejbca" >>> but >>> it does not work. >>> >>> Can anyone tell me if there is a default password of this kind, or when >>> this >>> password is set? Thanks a lot. >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message However, the same message " ... PKCS12 key store mac invalid - wrong password or corrupted file." still come out even if I create another new CVC CA. Is there any information that may help troubleshoot this case? Thanks. Tomas Gustavsson wrote: In that case yes, it is foo123 stupidtss wrote: > I haven't made any change to that file. The line is still being commented. > Is the password still foo123? > > Tomas Gustavsson wrote: >> >> it is configured in conf/ejbca.properties ca.keystorepass >> >> /Tomas >> >> >> stupidtss wrote: >>> I am trying to export a CA keystore, but I do not know the password. I >>> used >>> to accept default in most stage of installation. I have tried "ejbca" >>> but >>> it does not work. >>> >>> Can anyone tell me if there is a default password of this kind, or when >>> this >>> password is set? Thanks a lot. >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On my cvca it work if I enter foo123 in the input field and press "Export CA keystore". I get a pkcs#8 file to download. If I enter the wrong password I get the same as you get. I guess you did not specify another keystore password when you created the CVCA? /Tomas stupidtss wrote: > However, the same message " ... PKCS12 key store mac invalid - wrong password > or corrupted file." still come out even if I create another new CVC CA. Is > there any information that may help troubleshoot this case? > > Thanks. > > Tomas Gustavsson wrote: >> >> In that case yes, it is foo123 >> >> stupidtss wrote: >>> I haven't made any change to that file. The line is still being >>> commented. >>> Is the password still foo123? >>> >>> Tomas Gustavsson wrote: >>>> it is configured in conf/ejbca.properties ca.keystorepass >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I am trying to export a CA keystore, but I do not know the password. I >>>>> used >>>>> to accept default in most stage of installation. I have tried "ejbca" >>>>> but >>>>> it does not work. >>>>> >>>>> Can anyone tell me if there is a default password of this kind, or when >>>>> this >>>>> password is set? Thanks a lot. >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Here is how I create a new CVC CA: Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA -> Create -> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA -> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed -> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> Then I click the Create button Here is how I try to export the keystore: Select "NewCVC" (the newly created CVC CA) -> Edit -> In "CA export requires the keystore password", enter foo123 -> Then I click the Export CA keystore.. button The same error message come out. There is no place that I can enter password. Am I making any stupid mistakes in the above? Tomas Gustavsson wrote: On my cvca it work if I enter foo123 in the input field and press "Export CA keystore". I get a pkcs#8 file to download. If I enter the wrong password I get the same as you get. I guess you did not specify another keystore password when you created the CVCA? /Tomas stupidtss wrote: > However, the same message " ... PKCS12 key store mac invalid - wrong password > or corrupted file." still come out even if I create another new CVC CA. Is > there any information that may help troubleshoot this case? > > Thanks. > > Tomas Gustavsson wrote: >> >> In that case yes, it is foo123 >> >> stupidtss wrote: >>> I haven't made any change to that file. The line is still being >>> commented. >>> Is the password still foo123? >>> >>> Tomas Gustavsson wrote: >>>> it is configured in conf/ejbca.properties ca.keystorepass >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I am trying to export a CA keystore, but I do not know the password. I >>>>> used >>>>> to accept default in most stage of installation. I have tried "ejbca" >>>>> but >>>>> it does not work. >>>>> >>>>> Can anyone tell me if there is a default password of this kind, or when >>>>> this >>>>> password is set? Thanks a lot. >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@... >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes, and thanks. The message does not come out now. However, I still cannot download the file. There is a windows popup saying that "Internet Explorer cannot download exportca from l192.168.95.137. Internet Explorer was not able to open this Internet site. The request site is either unavailable or cannot be found. Please try again later". In the background, there is another File Download windows which is trying to download the file exportca. I know this is not an EJBCA error message, but does EJBCA require any ftp server or something else to support the CA keystore download function? In my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via localhost:8080 and 8443. What else is required? Tomas Gustavsson wrote: There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	"wrong version for PFX PDU" when importing CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I use Firefox and is OK now. I can download the .pkcs8 file. The problem should belongs to IE. However, when I try to import back the file using Import CA keystore, it fails and a red message "wrong version for PFX PDU appear. Have I done anything wrong? By the way, I notice that if I export CA keystore for the AdminCA1 (which is a x.509 CA), the file exported is a .p12 file. Is there any difference between the two? Yes, and thanks. The message does not come out now. However, I still cannot download the file. There is a windows popup saying that "Internet Explorer cannot download exportca from l192.168.95.137. Internet Explorer was not able to open this Internet site. The request site is either unavailable or cannot be found. Please try again later". In the background, there is another File Download windows which is trying to download the file exportca. I know this is not an EJBCA error message, but does EJBCA require any ftp server or something else to support the CA keystore download function? In my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via localhost:8080 and 8443. What else is required? Tomas Gustavsson wrote: There you go, you typed it yourself "Authentication Code: 12345". Regards, Tomas stupidtss wrote: > Here is how I create a new CVC CA: > Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC CA > -> Create -> > Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> > Enable auto-activation of CA Token: enable -> Signing Algorithm: SHA1WithRSA > -> > RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank -> > Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self Signed > -> > Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank -> > Then I click the Create button > > Here is how I try to export the keystore: > Select "NewCVC" (the newly created CVC CA) -> Edit -> > In "CA export requires the keystore password", enter foo123 -> > Then I click the Export CA keystore.. button > > The same error message come out. > > There is no place that I can enter password. Am I making any stupid > mistakes in the above? > > > Tomas Gustavsson wrote: >> >> On my cvca it work if I enter foo123 in the input field and press >> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >> wrong password I get the same as you get. >> >> I guess you did not specify another keystore password when you created >> the CVCA? >> >> /Tomas >> >> >> stupidtss wrote: >>> However, the same message " ... PKCS12 key store mac invalid - wrong >>> password >>> or corrupted file." still come out even if I create another new CVC CA. >>> Is >>> there any information that may help troubleshoot this case? >>> >>> Thanks. >>> >>> Tomas Gustavsson wrote: >>>> In that case yes, it is foo123 >>>> >>>> stupidtss wrote: >>>>> I haven't made any change to that file. The line is still being >>>>> commented. >>>>> Is the password still foo123? >>>>> >>>>> Tomas Gustavsson wrote: >>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>> >>>>>> /Tomas >>>>>> >>>>>> >>>>>> stupidtss wrote: >>>>>>> I am trying to export a CA keystore, but I do not know the password. >>>>>>> I >>>>>>> used >>>>>>> to accept default in most stage of installation. I have tried >>>>>>> "ejbca" >>>>>>> but >>>>>>> it does not work. >>>>>>> >>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>> when >>>>>>> this >>>>>>> password is set? Thanks a lot. >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: "wrong version for PFX PDU" when importing CA keystore by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes it is different between x.509 and CVC CAs. This is because CV certificate can not be put in pkcs12 files, the pkcs12 standard does not support that. To import a CVC CA you have to use the command line interface. ejbca.sh ca importca. Regards, Tomas stupidtss wrote: > I use Firefox and is OK now. I can download the .pkcs8 file. The problem > should belongs to IE. > > However, when I try to import back the file using Import CA keystore, it > fails and a red message "wrong version for PFX PDU appear. Have I done > anything wrong? > > By the way, I notice that if I export CA keystore for the AdminCA1 (which is > a x.509 CA), the file exported is a .p12 file. Is there any difference > between the two? > > stupidtss wrote: >> Yes, and thanks. The message does not come out now. >> >> However, I still cannot download the file. There is a windows popup >> saying that "Internet Explorer cannot download exportca from >> l192.168.95.137. Internet Explorer was not able to open this Internet >> site. The request site is either unavailable or cannot be found. Please >> try again later". In the background, there is another File Download >> windows which is trying to download the file exportca. >> >> I know this is not an EJBCA error message, but does EJBCA require any ftp >> server or something else to support the CA keystore download function? In >> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via >> localhost:8080 and 8443. What else is required? >> >> >> Tomas Gustavsson wrote: >>> >>> There you go, you typed it yourself "Authentication Code: 12345". >>> >>> Regards, >>> Tomas >>> >>> >>> stupidtss wrote: >>>> Here is how I create a new CVC CA: >>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>>> CA >>>> -> Create -> >>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>> SHA1WithRSA >>>> -> >>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>>> -> >>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>> Signed >>>> -> >>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>> blank -> >>>> Then I click the Create button >>>> >>>> Here is how I try to export the keystore: >>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>> In "CA export requires the keystore password", enter foo123 -> >>>> Then I click the Export CA keystore.. button >>>> >>>> The same error message come out. >>>> >>>> There is no place that I can enter password. Am I making any stupid >>>> mistakes in the above? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> On my cvca it work if I enter foo123 in the input field and press >>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>> wrong password I get the same as you get. >>>>> >>>>> I guess you did not specify another keystore password when you created >>>>> the CVCA? >>>>> >>>>> /Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>> password >>>>>> or corrupted file." still come out even if I create another new CVC >>>>>> CA. >>>>>> Is >>>>>> there any information that may help troubleshoot this case? >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> In that case yes, it is foo123 >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>> commented. >>>>>>>> Is the password still foo123? >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>> password. >>>>>>>>>> I >>>>>>>>>> used >>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>> "ejbca" >>>>>>>>>> but >>>>>>>>>> it does not work. >>>>>>>>>> >>>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>>> when >>>>>>>>>> this >>>>>>>>>> password is set? Thanks a lot. >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@... >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >>> ------------------------------------------------------------------------------ >>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>> is the only developer event you need to attend this year. Jumpstart your >>> developing skills, take BlackBerry mobile applications to market and stay >>> ahead of the curve. Join us from November 9-12, 2009. Register >>> now! >>> http://p.sf.net/sfu/devconf >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejbca-develop@... >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	How to create a .cvcert file? by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message In the user guide on Importing CAs under CVC CAs, the importcvca requires both the .pkcs8 (private key) and the .cvcert (public key) to work. I can generate the .pkcs8 now. Under Basic Functions, I can download a .cacert.pem or a .JKS file, but they are not .cvcert file. How can I generate the .cvcert file for a CVC CA? Please help. Thanks. Tomas Gustavsson wrote: Yes it is different between x.509 and CVC CAs. This is because CV certificate can not be put in pkcs12 files, the pkcs12 standard does not support that. To import a CVC CA you have to use the command line interface. ejbca.sh ca importca. Regards, Tomas stupidtss wrote: > I use Firefox and is OK now. I can download the .pkcs8 file. The problem > should belongs to IE. > > However, when I try to import back the file using Import CA keystore, it > fails and a red message "wrong version for PFX PDU appear. Have I done > anything wrong? > > By the way, I notice that if I export CA keystore for the AdminCA1 (which is > a x.509 CA), the file exported is a .p12 file. Is there any difference > between the two? > > stupidtss wrote: >> Yes, and thanks. The message does not come out now. >> >> However, I still cannot download the file. There is a windows popup >> saying that "Internet Explorer cannot download exportca from >> l192.168.95.137. Internet Explorer was not able to open this Internet >> site. The request site is either unavailable or cannot be found. Please >> try again later". In the background, there is another File Download >> windows which is trying to download the file exportca. >> >> I know this is not an EJBCA error message, but does EJBCA require any ftp >> server or something else to support the CA keystore download function? In >> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via >> localhost:8080 and 8443. What else is required? >> >> >> Tomas Gustavsson wrote: >>> >>> There you go, you typed it yourself "Authentication Code: 12345". >>> >>> Regards, >>> Tomas >>> >>> >>> stupidtss wrote: >>>> Here is how I create a new CVC CA: >>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>>> CA >>>> -> Create -> >>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>> SHA1WithRSA >>>> -> >>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>>> -> >>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>> Signed >>>> -> >>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>> blank -> >>>> Then I click the Create button >>>> >>>> Here is how I try to export the keystore: >>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>> In "CA export requires the keystore password", enter foo123 -> >>>> Then I click the Export CA keystore.. button >>>> >>>> The same error message come out. >>>> >>>> There is no place that I can enter password. Am I making any stupid >>>> mistakes in the above? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> On my cvca it work if I enter foo123 in the input field and press >>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>> wrong password I get the same as you get. >>>>> >>>>> I guess you did not specify another keystore password when you created >>>>> the CVCA? >>>>> >>>>> /Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>> password >>>>>> or corrupted file." still come out even if I create another new CVC >>>>>> CA. >>>>>> Is >>>>>> there any information that may help troubleshoot this case? >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> In that case yes, it is foo123 >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>> commented. >>>>>>>> Is the password still foo123? >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>> password. >>>>>>>>>> I >>>>>>>>>> used >>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>> "ejbca" >>>>>>>>>> but >>>>>>>>>> it does not work. >>>>>>>>>> >>>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>>> when >>>>>>>>>> this >>>>>>>>>> password is set? Thanks a lot. >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >>> ------------------------------------------------------------------------------ >>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>> is the only developer event you need to attend this year. Jumpstart your >>> developing skills, take BlackBerry mobile applications to market and stay >>> ahead of the curve. Join us from November 9-12, 2009. Register >>> now! >>> http://p.sf.net/sfu/devconf >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejbca-develop@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message ON the basic functions, choose download the certificate. If it's called .pem it is a cvcert file, just with anohter ending. Just use that. /Tomas stupidtss wrote: > In the user guide on Importing CAs under CVC CAs, the importcvca requires > both the .pkcs8 (private key) and the .cvcert (public key) to work. > > I can generate the .pkcs8 now. Under Basic Functions, I can download a > .cacert.pem or a .JKS file, but they are not .cvcert file. How can I > generate the .cvcert file for a CVC CA? > > Please help. Thanks. > > Tomas Gustavsson wrote: >> >> Yes it is different between x.509 and CVC CAs. This is because CV >> certificate can not be put in pkcs12 files, the pkcs12 standard does not >> support that. >> To import a CVC CA you have to use the command line interface. ejbca.sh >> ca importca. >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>> problem >>> should belongs to IE. >>> >>> However, when I try to import back the file using Import CA keystore, it >>> fails and a red message "wrong version for PFX PDU appear. Have I done >>> anything wrong? >>> >>> By the way, I notice that if I export CA keystore for the AdminCA1 (which >>> is >>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>> between the two? >>> >>> stupidtss wrote: >>>> Yes, and thanks. The message does not come out now. >>>> >>>> However, I still cannot download the file. There is a windows popup >>>> saying that "Internet Explorer cannot download exportca from >>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>> site. The request site is either unavailable or cannot be found. >>>> Please >>>> try again later". In the background, there is another File Download >>>> windows which is trying to download the file exportca. >>>> >>>> I know this is not an EJBCA error message, but does EJBCA require any >>>> ftp >>>> server or something else to support the CA keystore download function? >>>> In >>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>> via >>>> localhost:8080 and 8443. What else is required? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>> >>>>> Regards, >>>>> Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> Here is how I create a new CVC CA: >>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>> CVC >>>>>> CA >>>>>> -> Create -> >>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>> -> >>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>> SHA1WithRSA >>>>>> -> >>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>> blank >>>>>> -> >>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>>>> Signed >>>>>> -> >>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>> blank -> >>>>>> Then I click the Create button >>>>>> >>>>>> Here is how I try to export the keystore: >>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>> Then I click the Export CA keystore.. button >>>>>> >>>>>> The same error message come out. >>>>>> >>>>>> There is no place that I can enter password. Am I making any stupid >>>>>> mistakes in the above? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>>>> wrong password I get the same as you get. >>>>>>> >>>>>>> I guess you did not specify another keystore password when you >>>>>>> created >>>>>>> the CVCA? >>>>>>> >>>>>>> /Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>>>> password >>>>>>>> or corrupted file." still come out even if I create another new CVC >>>>>>>> CA. >>>>>>>> Is >>>>>>>> there any information that may help troubleshoot this case? >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> In that case yes, it is foo123 >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>> commented. >>>>>>>>>> Is the password still foo123? >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>> >>>>>>>>>>> /Tomas >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>> password. >>>>>>>>>>>> I >>>>>>>>>>>> used >>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>> "ejbca" >>>>>>>>>>>> but >>>>>>>>>>>> it does not work. >>>>>>>>>>>> >>>>>>>>>>>> Can anyone tell me if there is a default password of this kind, >>>>>>>>>>>> or >>>>>>>>>>>> when >>>>>>>>>>>> this >>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@... >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks very much for your help. I generate the public key of CVC CA according to your earlier suggestion. I use the following command to try to import a CVCA (I do not use importca as importca seems to use pkcs12 file) C:\ejbca_3_9_1\bin>ejbca ca importcvca HK C:\HK.pkcs8 C:\HongKong.cacert.pem where HK is the name of the CVCA C:\HK.pkcs8 is the full path and file name to the private key C:\HongKong.cacert.pemis the full path and file name to the public key (cv cert) The following error message comes out [main] INFO org.ejbca.util.CertTools - Certificate exception trying to read CVCertificate: java.lang.IllegalArgumentException: Unknown CVC tag value 2d at ... at ... java.security.cert.CertificationException: Certificate exception trying to read CVCertificate Is there anything wrong with the public key file? What should I do? I apologize for asking so many basic simple questions here. Tomas Gustavsson wrote: ON the basic functions, choose download the certificate. If it's called .pem it is a cvcert file, just with anohter ending. Just use that. /Tomas stupidtss wrote: > In the user guide on Importing CAs under CVC CAs, the importcvca requires > both the .pkcs8 (private key) and the .cvcert (public key) to work. > > I can generate the .pkcs8 now. Under Basic Functions, I can download a > .cacert.pem or a .JKS file, but they are not .cvcert file. How can I > generate the .cvcert file for a CVC CA? > > Please help. Thanks. > > Tomas Gustavsson wrote: >> >> Yes it is different between x.509 and CVC CAs. This is because CV >> certificate can not be put in pkcs12 files, the pkcs12 standard does not >> support that. >> To import a CVC CA you have to use the command line interface. ejbca.sh >> ca importca. >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>> problem >>> should belongs to IE. >>> >>> However, when I try to import back the file using Import CA keystore, it >>> fails and a red message "wrong version for PFX PDU appear. Have I done >>> anything wrong? >>> >>> By the way, I notice that if I export CA keystore for the AdminCA1 (which >>> is >>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>> between the two? >>> >>> stupidtss wrote: >>>> Yes, and thanks. The message does not come out now. >>>> >>>> However, I still cannot download the file. There is a windows popup >>>> saying that "Internet Explorer cannot download exportca from >>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>> site. The request site is either unavailable or cannot be found. >>>> Please >>>> try again later". In the background, there is another File Download >>>> windows which is trying to download the file exportca. >>>> >>>> I know this is not an EJBCA error message, but does EJBCA require any >>>> ftp >>>> server or something else to support the CA keystore download function? >>>> In >>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>> via >>>> localhost:8080 and 8443. What else is required? >>>> >>>> >>>> Tomas Gustavsson wrote: >>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>> >>>>> Regards, >>>>> Tomas >>>>> >>>>> >>>>> stupidtss wrote: >>>>>> Here is how I create a new CVC CA: >>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>> CVC >>>>>> CA >>>>>> -> Create -> >>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>> -> >>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>> SHA1WithRSA >>>>>> -> >>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>> blank >>>>>> -> >>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>>>>> Signed >>>>>> -> >>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>> blank -> >>>>>> Then I click the Create button >>>>>> >>>>>> Here is how I try to export the keystore: >>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>> Then I click the Export CA keystore.. button >>>>>> >>>>>> The same error message come out. >>>>>> >>>>>> There is no place that I can enter password. Am I making any stupid >>>>>> mistakes in the above? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>>>>> wrong password I get the same as you get. >>>>>>> >>>>>>> I guess you did not specify another keystore password when you >>>>>>> created >>>>>>> the CVCA? >>>>>>> >>>>>>> /Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>>>>> password >>>>>>>> or corrupted file." still come out even if I create another new CVC >>>>>>>> CA. >>>>>>>> Is >>>>>>>> there any information that may help troubleshoot this case? >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> In that case yes, it is foo123 >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>> commented. >>>>>>>>>> Is the password still foo123? >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>> >>>>>>>>>>> /Tomas >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>> password. >>>>>>>>>>>> I >>>>>>>>>>>> used >>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>> "ejbca" >>>>>>>>>>>> but >>>>>>>>>>>> it does not work. >>>>>>>>>>>> >>>>>>>>>>>> Can anyone tell me if there is a default password of this kind, >>>>>>>>>>>> or >>>>>>>>>>>> when >>>>>>>>>>>> this >>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>> is the only developer event you need to attend this year. Jumpstart >>>>> your >>>>> developing skills, take BlackBerry mobile applications to market and >>>>> stay >>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>> now! >>>>> http://p.sf.net/sfu/devconf >>>>> _______________________________________________ >>>>> Ejbca-develop mailing list >>>>> Ejbca-develop@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>> >>>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: How to create a .cvcert file? by Tomas Gustavsson :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, thats ok to ask. Perhaps I was wrong and a PEM file is not ok. You can download a binary file with the "download to internet explorer" link. Try that instead. Regards, Tomas stupidtss wrote: > Thanks very much for your help. I generate the public key of CVC CA > according to your earlier suggestion. > > I use the following command to try to import a CVCA (I do not use importca > as importca seems to use pkcs12 file) > > C:\ejbca_3_9_1\bin>ejbca ca importcvca HK C:\HK.pkcs8 C:\HongKong.cacert.pem > where > HK is the name of the CVCA > C:\HK.pkcs8 is the full path and file name to the private key > C:\HongKong.cacert.pemis the full path and file name to the public key (cv > cert) > > The following error message comes out > > [main] INFO org.ejbca.util.CertTools - Certificate exception trying to read > CVCertificate: > java.lang.IllegalArgumentException: Unknown CVC tag value 2d > at ... > at ... > java.security.cert.CertificationException: Certificate exception trying to > read CVCertificate > > Is there anything wrong with the public key file? What should I do? > > I apologize for asking so many basic simple questions here. > > > Tomas Gustavsson wrote: >> >> ON the basic functions, choose download the certificate. If it's called >> .pem it is a cvcert file, just with anohter ending. Just use that. >> >> /Tomas >> >> >> stupidtss wrote: >>> In the user guide on Importing CAs under CVC CAs, the importcvca requires >>> both the .pkcs8 (private key) and the .cvcert (public key) to work. >>> >>> I can generate the .pkcs8 now. Under Basic Functions, I can download a >>> .cacert.pem or a .JKS file, but they are not .cvcert file. How can I >>> generate the .cvcert file for a CVC CA? >>> >>> Please help. Thanks. >>> >>> Tomas Gustavsson wrote: >>>> Yes it is different between x.509 and CVC CAs. This is because CV >>>> certificate can not be put in pkcs12 files, the pkcs12 standard does not >>>> support that. >>>> To import a CVC CA you have to use the command line interface. ejbca.sh >>>> ca importca. >>>> >>>> Regards, >>>> Tomas >>>> >>>> >>>> stupidtss wrote: >>>>> I use Firefox and is OK now. I can download the .pkcs8 file. The >>>>> problem >>>>> should belongs to IE. >>>>> >>>>> However, when I try to import back the file using Import CA keystore, >>>>> it >>>>> fails and a red message "wrong version for PFX PDU appear. Have I done >>>>> anything wrong? >>>>> >>>>> By the way, I notice that if I export CA keystore for the AdminCA1 >>>>> (which >>>>> is >>>>> a x.509 CA), the file exported is a .p12 file. Is there any difference >>>>> between the two? >>>>> >>>>> stupidtss wrote: >>>>>> Yes, and thanks. The message does not come out now. >>>>>> >>>>>> However, I still cannot download the file. There is a windows popup >>>>>> saying that "Internet Explorer cannot download exportca from >>>>>> l192.168.95.137. Internet Explorer was not able to open this Internet >>>>>> site. The request site is either unavailable or cannot be found. >>>>>> Please >>>>>> try again later". In the background, there is another File Download >>>>>> windows which is trying to download the file exportca. >>>>>> >>>>>> I know this is not an EJBCA error message, but does EJBCA require any >>>>>> ftp >>>>>> server or something else to support the CA keystore download function? >>>>>> In >>>>>> my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA >>>>>> via >>>>>> localhost:8080 and 8443. What else is required? >>>>>> >>>>>> >>>>>> Tomas Gustavsson wrote: >>>>>>> There you go, you typed it yourself "Authentication Code: 12345". >>>>>>> >>>>>>> Regards, >>>>>>> Tomas >>>>>>> >>>>>>> >>>>>>> stupidtss wrote: >>>>>>>> Here is how I create a new CVC CA: >>>>>>>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new >>>>>>>> CVC >>>>>>>> CA >>>>>>>> -> Create -> >>>>>>>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 >>>>>>>> -> >>>>>>>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>>>>>>> SHA1WithRSA >>>>>>>> -> >>>>>>>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave >>>>>>>> blank >>>>>>>> -> >>>>>>>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: >>>>>>>> Self >>>>>>>> Signed >>>>>>>> -> >>>>>>>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave >>>>>>>> blank -> >>>>>>>> Then I click the Create button >>>>>>>> >>>>>>>> Here is how I try to export the keystore: >>>>>>>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>>>>>>> In "CA export requires the keystore password", enter foo123 -> >>>>>>>> Then I click the Export CA keystore.. button >>>>>>>> >>>>>>>> The same error message come out. >>>>>>>> >>>>>>>> There is no place that I can enter password. Am I making any stupid >>>>>>>> mistakes in the above? >>>>>>>> >>>>>>>> >>>>>>>> Tomas Gustavsson wrote: >>>>>>>>> On my cvca it work if I enter foo123 in the input field and press >>>>>>>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter >>>>>>>>> the >>>>>>>>> wrong password I get the same as you get. >>>>>>>>> >>>>>>>>> I guess you did not specify another keystore password when you >>>>>>>>> created >>>>>>>>> the CVCA? >>>>>>>>> >>>>>>>>> /Tomas >>>>>>>>> >>>>>>>>> >>>>>>>>> stupidtss wrote: >>>>>>>>>> However, the same message " ... PKCS12 key store mac invalid - >>>>>>>>>> wrong >>>>>>>>>> password >>>>>>>>>> or corrupted file." still come out even if I create another new >>>>>>>>>> CVC >>>>>>>>>> CA. >>>>>>>>>> Is >>>>>>>>>> there any information that may help troubleshoot this case? >>>>>>>>>> >>>>>>>>>> Thanks. >>>>>>>>>> >>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>> In that case yes, it is foo123 >>>>>>>>>>> >>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>> I haven't made any change to that file. The line is still being >>>>>>>>>>>> commented. >>>>>>>>>>>> Is the password still foo123? >>>>>>>>>>>> >>>>>>>>>>>> Tomas Gustavsson wrote: >>>>>>>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>>>>>>> >>>>>>>>>>>>> /Tomas >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> stupidtss wrote: >>>>>>>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>>>>>>> password. >>>>>>>>>>>>>> I >>>>>>>>>>>>>> used >>>>>>>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>>>>>>> "ejbca" >>>>>>>>>>>>>> but >>>>>>>>>>>>>> it does not work. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Can anyone tell me if there is a default password of this >>>>>>>>>>>>>> kind, >>>>>>>>>>>>>> or >>>>>>>>>>>>>> when >>>>>>>>>>>>>> this >>>>>>>>>>>>>> password is set? Thanks a lot. >>>>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>>>> SF, >>>>>>>>>>>>> CA >>>>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>>>> Jumpstart >>>>>>>>>>>>> your >>>>>>>>>>>>> developing skills, take BlackBerry mobile applications to >>>>>>>>>>>>> market >>>>>>>>>>>>> and >>>>>>>>>>>>> stay >>>>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>>>> Register >>>>>>>>>>>>> now! >>>>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>> Come build with us! The BlackBerry® Developer Conference in >>>>>>>>>>> SF, >>>>>>>>>>> CA >>>>>>>>>>> is the only developer event you need to attend this year. >>>>>>>>>>> Jumpstart >>>>>>>>>>> your >>>>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>>>> and >>>>>>>>>>> stay >>>>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. >>>>>>>>>>> Register >>>>>>>>>>> now! >>>>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ejbca-develop mailing list >>>>>>>>>>> Ejbca-develop@... >>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>>> CA >>>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>>> your >>>>>>>>> developing skills, take BlackBerry mobile applications to market >>>>>>>>> and >>>>>>>>> stay >>>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>>> now! >>>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>>> _______________________________________________ >>>>>>>>> Ejbca-develop mailing list >>>>>>>>> Ejbca-develop@... >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>>> >>>>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>> CA >>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>> your >>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>> stay >>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>> now! >>>>>>> http://p.sf.net/sfu/devconf >>>>>>> _______________________________________________ >>>>>>> Ejbca-develop mailing list >>>>>>> Ejbca-develop@... >>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>> >>>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >> http://p.sf.net/sfu/devconference >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by Johan Eklund :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message No EJBCA does not require any ftp server or anything. Just web. Perhaps IE has issues with SSL connections? (IE is very very bad at this). I guess it works with FireFox? What is your IE version? /Tomas stupidtss wrote: > Yes, and thanks. The message does not come out now. > > However, I still cannot download the file. There is a windows popup saying > that "Internet Explorer cannot download exportca from l192.168.95.137. > Internet Explorer was not able to open this Internet site. The request site > is either unavailable or cannot be found. Please try again later". In the > background, there is another File Download windows which is trying to > download the file exportca. > > I know this is not an EJBCA error message, but does EJBCA require any ftp > server or something else to support the CA keystore download function? In > my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via > localhost:8080 and 8443. What else is required? > > > Tomas Gustavsson wrote: > >> There you go, you typed it yourself "Authentication Code: 12345". >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >> >>> Here is how I create a new CVC CA: >>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>> CA >>> -> Create -> >>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>> SHA1WithRSA >>> -> >>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>> -> >>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>> Signed >>> -> >>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank >>> -> >>> Then I click the Create button >>> >>> Here is how I try to export the keystore: >>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>> In "CA export requires the keystore password", enter foo123 -> >>> Then I click the Export CA keystore.. button >>> >>> The same error message come out. >>> >>> There is no place that I can enter password. Am I making any stupid >>> mistakes in the above? >>> >>> >>> Tomas Gustavsson wrote: >>> >>>> On my cvca it work if I enter foo123 in the input field and press >>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>> wrong password I get the same as you get. >>>> >>>> I guess you did not specify another keystore password when you created >>>> the CVCA? >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>> >>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>> password >>>>> or corrupted file." still come out even if I create another new CVC CA. >>>>> Is >>>>> there any information that may help troubleshoot this case? >>>>> >>>>> Thanks. >>>>> >>>>> Tomas Gustavsson wrote: >>>>> >>>>>> In that case yes, it is foo123 >>>>>> >>>>>> stupidtss wrote: >>>>>> >>>>>>> I haven't made any change to that file. The line is still being >>>>>>> commented. >>>>>>> Is the password still foo123? >>>>>>> >>>>>>> Tomas Gustavsson wrote: >>>>>>> >>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>> >>>>>>>> /Tomas >>>>>>>> >>>>>>>> >>>>>>>> stupidtss wrote: >>>>>>>> >>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>> password. >>>>>>>>> I >>>>>>>>> used >>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>> "ejbca" >>>>>>>>> but >>>>>>>>> it does not work. >>>>>>>>> >>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>> when >>>>>>>>> this >>>>>>>>> password is set? Thanks a lot. >>>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>> CA >>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>> your >>>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>>> stay >>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>> now! >>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>> _______________________________________________ >>>>>>>> Ejbca-develop mailing list >>>>>>>> Ejbca-develop@... >>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>> >>>>>>>> >>>>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@... >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@... >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@... https://lists.sourceforge.net/lists/listinfo/ejbca-develop
	Re: What is the "default" password for exporting the CA keystore by stupidtss :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Yes. I switch to Firefox and it is OK now. Thanks very much. Johan Eklund wrote: No EJBCA does not require any ftp server or anything. Just web. Perhaps IE has issues with SSL connections? (IE is very very bad at this). I guess it works with FireFox? What is your IE version? /Tomas stupidtss wrote: > Yes, and thanks. The message does not come out now. > > However, I still cannot download the file. There is a windows popup saying > that "Internet Explorer cannot download exportca from l192.168.95.137. > Internet Explorer was not able to open this Internet site. The request site > is either unavailable or cannot be found. Please try again later". In the > background, there is another File Download windows which is trying to > download the file exportca. > > I know this is not an EJBCA error message, but does EJBCA require any ftp > server or something else to support the CA keystore download function? In > my PC, I only install JBOSS and EJBCA, and I used to connent to EJBCA via > localhost:8080 and 8443. What else is required? > > > Tomas Gustavsson wrote: > >> There you go, you typed it yourself "Authentication Code: 12345". >> >> Regards, >> Tomas >> >> >> stupidtss wrote: >> >>> Here is how I create a new CVC CA: >>> Edit Certificate Authorities -> Enter a new name (NewCVC) of the new CVC >>> CA >>> -> Create -> >>> Type of CA: CVC -> CA Token Type: Soft -> Authentication Code: 12345 -> >>> Enable auto-activation of CA Token: enable -> Signing Algorithm: >>> SHA1WithRSA >>> -> >>> RSA key size: 1024 -> DSA key size: 1024 -> ECDSA key spec: leave blank >>> -> >>> Key sequence: 00000 -> Subject DN: CN=foobar, C=MA -> Signed by: Self >>> Signed >>> -> >>> Certificate Profile: ROOTCA -> Validity: 365d -> Description: leave blank >>> -> >>> Then I click the Create button >>> >>> Here is how I try to export the keystore: >>> Select "NewCVC" (the newly created CVC CA) -> Edit -> >>> In "CA export requires the keystore password", enter foo123 -> >>> Then I click the Export CA keystore.. button >>> >>> The same error message come out. >>> >>> There is no place that I can enter password. Am I making any stupid >>> mistakes in the above? >>> >>> >>> Tomas Gustavsson wrote: >>> >>>> On my cvca it work if I enter foo123 in the input field and press >>>> "Export CA keystore". I get a pkcs#8 file to download. If I enter the >>>> wrong password I get the same as you get. >>>> >>>> I guess you did not specify another keystore password when you created >>>> the CVCA? >>>> >>>> /Tomas >>>> >>>> >>>> stupidtss wrote: >>>> >>>>> However, the same message " ... PKCS12 key store mac invalid - wrong >>>>> password >>>>> or corrupted file." still come out even if I create another new CVC CA. >>>>> Is >>>>> there any information that may help troubleshoot this case? >>>>> >>>>> Thanks. >>>>> >>>>> Tomas Gustavsson wrote: >>>>> >>>>>> In that case yes, it is foo123 >>>>>> >>>>>> stupidtss wrote: >>>>>> >>>>>>> I haven't made any change to that file. The line is still being >>>>>>> commented. >>>>>>> Is the password still foo123? >>>>>>> >>>>>>> Tomas Gustavsson wrote: >>>>>>> >>>>>>>> it is configured in conf/ejbca.properties ca.keystorepass >>>>>>>> >>>>>>>> /Tomas >>>>>>>> >>>>>>>> >>>>>>>> stupidtss wrote: >>>>>>>> >>>>>>>>> I am trying to export a CA keystore, but I do not know the >>>>>>>>> password. >>>>>>>>> I >>>>>>>>> used >>>>>>>>> to accept default in most stage of installation. I have tried >>>>>>>>> "ejbca" >>>>>>>>> but >>>>>>>>> it does not work. >>>>>>>>> >>>>>>>>> Can anyone tell me if there is a default password of this kind, or >>>>>>>>> when >>>>>>>>> this >>>>>>>>> password is set? Thanks a lot. >>>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Come build with us! The BlackBerry® Developer Conference in SF, >>>>>>>> CA >>>>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>>>> your >>>>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>>>> stay >>>>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>>>> now! >>>>>>>> http://p.sf.net/sfu/devconf >>>>>>>> _______________________________________________ >>>>>>>> Ejbca-develop mailing list >>>>>>>> Ejbca-develop@lists.sourceforge.net >>>>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>>>> >>>>>>>> >>>>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>>>> is the only developer event you need to attend this year. Jumpstart >>>>>> your >>>>>> developing skills, take BlackBerry mobile applications to market and >>>>>> stay >>>>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>>>> now! >>>>>> http://p.sf.net/sfu/devconf >>>>>> _______________________________________________ >>>>>> Ejbca-develop mailing list >>>>>> Ejbca-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>>>> >>>>>> >>>>>> >>>> ------------------------------------------------------------------------------ >>>> Come build with us! The BlackBerry® Developer Conference in SF, CA >>>> is the only developer event you need to attend this year. Jumpstart your >>>> developing skills, take BlackBerry mobile applications to market and >>>> stay >>>> ahead of the curve. Join us from November 9-12, 2009. Register >>>> now! >>>> http://p.sf.net/sfu/devconf >>>> _______________________________________________ >>>> Ejbca-develop mailing list >>>> Ejbca-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>>> >>>> >>>> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry® Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9-12, 2009. Register >> now! >> http://p.sf.net/sfu/devconf >> _______________________________________________ >> Ejbca-develop mailing list >> Ejbca-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> >> > > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Ejbca-develop mailing list Ejbca-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ejbca-develop

What is the "default" password for exporting the CA keystore

What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore

"wrong version for PFX PDU" when importing CA keystore

Re: "wrong version for PFX PDU" when importing CA keystore

How to create a .cvcert file?

Re: How to create a .cvcert file?

Re: How to create a .cvcert file?

Re: How to create a .cvcert file?

Re: What is the "default" password for exporting the CA keystore

Re: What is the "default" password for exporting the CA keystore