- Going wrong in obtaining cert object
- Saved searches
- Use saved searches to filter your results more quickly
- Could not parse certificate: java.io.IOException: Empty input #133
- Could not parse certificate: java.io.IOException: Empty input #133
- Comments
- Logs
- Could not parse certificate: java.io.IOException: Empty input X509Certificate
- Solution 2
- Sam
- Comments
- Saved searches
- Use saved searches to filter your results more quickly
- java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input Exception #1
- java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input Exception #1
- Comments
Going wrong in obtaining cert object
I have checked the contents of the certificate.cer file and it does contain the certificate. I am getting the below exception, while creating the cert object. Any idea where I am going wrong?
java.security.cert.CertificateException: Missing input stream at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source) at java.security.cert.CertificateFactory.generateCertificate(Unknown Source) at com.manh.msf.rest.auth.TrustManagerTest.testTrust(TrustManagerTest.java:13) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28) at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:31) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:73) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:46) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:180) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:41) at org.junit.runners.ParentRunner$1.evaluate(ParentRunner.java:173) at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28) at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:31) at org.junit.runners.ParentRunner.run(ParentRunner.java:220) Saved searches
Use saved searches to filter your results more quickly
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
Could not parse certificate: java.io.IOException: Empty input #133
Could not parse certificate: java.io.IOException: Empty input #133
Comments
Server Version : (Server v6.5)
Dependencies : (Twilio / AWS / MinIO / Nginx / Self-Signed SSL Certificate / Docker / On Premise Redis / On Premise Postgresql / On Premise Minio / Turn / Localstack)
I am getting below error. Can i know what is the issue in my config file. And if any solution for this ?
Logs
java -jar target/TextSecureServer-6.50.1-dirty-SNAPSHOT.jar server config/config-backup.yml
INFO [2021-09-17 12:26:06,479] org.eclipse.jetty.util.log: Logging initialized @2038ms to org.eclipse.jetty.util.log.Slf4jLog
INFO [2021-09-17 12:26:06,574] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: /
INFO [2021-09-17 12:26:06,575] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: /
INFO [2021-09-17 12:26:06,606] io.micrometer.datadog.DatadogMeterRegistry: An application key must be configured in order for unit information to be sent to Datadog.
INFO [2021-09-17 12:26:06,607] io.micrometer.core.instrument.push.PushMeterRegistry: publishing metrics for DatadogMeterRegistry every 10s
INFO [2021-09-17 12:26:09,322] org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager: Received new config version: 1
java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input
at java.base/sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:115)
at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
at org.whispersystems.textsecuregcm.util.CertificateUtil.getCertificate(CertificateUtil.java:42)
at org.whispersystems.textsecuregcm.util.CertificateUtil.buildKeyStoreForPem(CertificateUtil.java:21)
at org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient$Builder.withTrustedServerCertificate(FaultTolerantHttpClient.java:139)
at org.whispersystems.textsecuregcm.securebackup.SecureBackupClient.(SecureBackupClient.java:49)
at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:451)
at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:225)
at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:59)
at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:98)
at io.dropwizard.cli.Cli.run(Cli.java:78)
at io.dropwizard.Application.run(Application.java:94)
at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:759)
Caused by: java.io.IOException: Empty input
at java.base/sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:111)
. 12 more
The text was updated successfully, but these errors were encountered:
Could not parse certificate: java.io.IOException: Empty input X509Certificate
It’s been a while since this post but I came here looking for this issue. In my case, the key was that the certificate was in a Base64-String.getBytes[] instead of a DECODED-Base64-String.getBytes[].
Solution 2
After going through so many blogs nothing helped as such. Finally we confirmed the way client is doing his encryption and used the same jars used for our verification. I am not sure if this is correct answer or not but may help somebody who is trying hard to resolve this issue. It may give you some clue if not able to resolve above error after going through many sites. So try to use same jars which used for client encryption and get the compatible private key for your public key and add to pk12 file. Convert pk12 to jks which you can use for encryption and verification too which resolved our issue. Some process too
#**Create PKCS12 keystore from private key and public certificate.** openssl pkcs12 -export -name myservercert -in selfsigned.crt -inkey server.key -out keystore.p12 #**Convert PKCS12 keystore into a JKS keystore** keytool -importkeystore -destkeystore mykeystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias myservercer Sam
Comments
- Using the same certificate I signed my own XML and verified which is working fine. That mean there is no issue with certificate.
- Client provided signed document not able to validate.
Exception in thread "main" javax.xml.crypto.MarshalException: Cannot create X509Certificate at org.jcp.xml.dsig.internal.dom.DOMX509Data.unmarshalX509Certificate(DOMX509Data.java:225) at org.jcp.xml.dsig.internal.dom.DOMX509Data.(DOMX509Data.java:116) at org.jcp.xml.dsig.internal.dom.DOMKeyInfo.(DOMKeyInfo.java:116) at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.(DOMXMLSignature.java:150) at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:173) at org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:137) at com.signing.ValidateSignedXML.main(ValidateSignedXML.java:126) Caused by: java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104) at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339) at org.jcp.xml.dsig.internal.dom.DOMX509Data.unmarshalX509Certificate(DOMX509Data.java:223) . 6 more Caused by: java.io.IOException: Empty input at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:101) Adding the code here for reference
package com.signing; import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.X509Certificate; import java.util.Iterator; import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.dom.DOMValidateContext; import javax.xml.parsers.DocumentBuilderFactory; import org.w3c.dom.Document; import org.w3c.dom.Node; import org.w3c.dom.NodeList; public class ValidateSignedXML < /** * @param args * @throws Exception */ /** * @param args * @throws Exception */ public static void main(String[] args) throws Exception < // TODO Auto-generated method stub // Load the KeyStore and get the signing key and certificate. KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(new FileInputStream("C:\\Program Files\\Java\\jre1.8.0_31\\bin\\newstore8.jks"), "changeit7".toCharArray()); KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks.getEntry ("newkey8", new KeyStore.PasswordProtection("changeit7".toCharArray())); X509Certificate cert = (X509Certificate) keyEntry.getCertificate(); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); //Load the signed document. DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().parse (new FileInputStream("C:\\src\\com\\signing\\signed.xml")); // Find Signature element. NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature"); if (nl.getLength() == 0) < throw new Exception("Cannot find Signature element"); >else < /*System.out.println("---- Start of Print Tag ----\n"); for(int k=0;kSystem.out.println("---- End of Print Tag ----\n");*/ > // Create a DOMValidateContext and specify a KeySelector // and document context. DOMValidateContext valContext = new DOMValidateContext (new X509KeySelector(), nl.item(0)); // Unmarshal the XMLSignature. XMLSignature signatures = fac.unmarshalXMLSignature(valContext); // Validate the XMLSignature. boolean coreValidity = signatures.validate(valContext); System.out.println("Signature Validate :"+coreValidity); // Check core validation status. if (coreValidity == false) < String validateError; validateError = "Signature core validation status:false"; boolean sv = signatures.getSignatureValue().validate(valContext); validateError = validateError + " | Signature validation status:" + sv; if (sv == false || true) < validateError = validateError + " | References: "; // Check the validation status of each Reference. Iterator g = signatures.getSignedInfo().getReferences().iterator(); for (int j = 0; g.hasNext(); j++) < Reference r = (Reference) g.next(); boolean refValid = r.validate(valContext); validateError = validateError + ""; > > throw new Exception(validateError); > else < System.out.println("Signature passed core validation"); >> > Saved searches
Use saved searches to filter your results more quickly
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input Exception #1
java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input Exception #1
Comments
Hi,
At first, your OCSP source code is excellent. I am trying to use your code, I wrote a main method to test it. My source code is at below;
import org.apache.commons.codec.binary.Base64;
import sun.misc.BASE64Decoder;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
public static String serverCert= "certs/spidrserver.pem"; public static String intCert= "certs/spidrinter.pem"; public static String rootCert= "certs/spidrroot.pem"; static byte[] certDataServer = Base64.decodeBase64(serverCert.getBytes()); static byte[] certDataInt = Base64.decodeBase64(intCert.getBytes()); static byte[] certDataRoot = Base64.decodeBase64(rootCert.getBytes()); static File certFile = new File(serverCert); public static void isFileExist()< if (certFile.exists())< System.out.println("Certificate founded!"); >else < System.out.println("Certificate NOT FOUND!"); >> public static void main(String[] args) throws OcspException < isFileExist(); X509Certificate certificate = createCert(certDataInt); X509Certificate issuer = createCert(certDataRoot); // Create OCSP Client using builder. OcspClient client = OcspClient.builder() .set(OcspClient.EXCEPTION_ON_UNKNOWN, false) // Remove to trigger exception on 'UNKNOWN'. .set(OcspClient.EXCEPTION_ON_REVOKED, false) // Remove to trigger exception on 'REVOKED'. .build(); // Verify certificate (issuer certificate required). // CertificateIssuer issuer1 = CertificateIssuer.generate(issuer); CertificateResult response = client.verify(certificate, issuer); // Prints 'GOOD', 'REVOKED' or 'UNKNOWN'. System.out.println(response.getStatus()); >public static X509Certificate createCert(byte[] certData) < try < CertificateFactory cf=CertificateFactory.getInstance("X509"); X509Certificate cert=(X509Certificate)cf.generateCertificate(new ByteArrayInputStream(certData)); return cert; >catch ( Exception e) < throw new RuntimeException(e); >> >
`
When I try to run this code, I have encountered a «java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input Exception«
Can you have any idea to solve this problem?
The text was updated successfully, but these errors were encountered: