java.security.cert.CertificateParsingException: signed fields invalid

java security encryption x509certificate digital-certificate

24,798

PFX isn't a certificate but a keystore in itself.

To get the certificate you have to load the pfx into a keystore and then get the certificate:

InputStream certIs=new FileInputStream("suresh.pfx");
Keystore ks=KeyStore.getInstance("PKCS12");
ks.load(certIs.getInputStream(),"password".toCharArray());
Certificate cert=ks.getCertificate("alias");

Regards

24,798

Author by

Suresh Atta

Send a direct message My Fav questions How can a string be initialized using " "? The meaning of Java code (Object[])(Object[])arrayOfBytes[1] Where is .class defined in Java? (Is it a variable or what?)

Updated on June 21, 2020

Comments

Suresh Atta almost 4 years

I'm trying to read a X509 certificate

FileInputStream fr = new FileInputStream("suresh.pfx");
CertificateFactory cf =   CertificateFactory.getInstance("X509");
X509Certificate c = (X509Certificate) cf.generateCertificate(fr);

And run in to the exception

java.security.cert.CertificateParsingException: signed fields invalid
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    at com.nextenders.certificategeenrator.CertificateGenerator.testGenerateSignCertWithKeyStore(CertificateGenerator.java:102)
    at com.nextenders.certificategeenrator.CertificateGenerator.main(CertificateGenerator.java:65)

Found something related to it from Oracle forum with no solution.

Any hints ?