Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

bman
OK so after pulling out my hair multiple times on java7 which imo wikid should state on their site they dont support, I utilized the latest jdk 6 from oracle.com grabbed the jce for 6 and found out after more hair pulling that BC is bcprov from bouncy castle ( which again i believe wikid should document on their site).

so i pulled those together on one vm and attempted to duplicate it on another and now have an entirely different error , this error is from trying to create the intermediate CA, ( i could not change the password before because of BC)

org.apache.jasper.JasperException: Unable to compile class for JSP:

An error occurred at line: 106 in the jsp file: /cert2.jsp
The type Certificate is ambiguous
103:         cg.setPublicKey(keys.getPublic());
104:         cg.setSerialNumber(new BigInteger("1"));
105:         cg.setSubjectDN(subject);
106:         Certificate[] certs = new Certificate[1];
107:         certs[0] = cg.generateX509Certificate(keys.getPrivate());
108:
109:         req = WikidCert.makeCertRequest(subject, keys, null);


An error occurred at line: 106 in the jsp file: /cert2.jsp
The type Certificate is ambiguous
103:         cg.setPublicKey(keys.getPublic());
104:         cg.setSerialNumber(new BigInteger("1"));
105:         cg.setSubjectDN(subject);
106:         Certificate[] certs = new Certificate[1];
107:         certs[0] = cg.generateX509Certificate(keys.getPrivate());
108:
109:         req = WikidCert.makeCertRequest(subject, keys, null);


Stacktrace:
        org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:93)
        org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
        org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:435)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:298)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
        org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
        org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:302)
        org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
        org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

Anyone see this before or have a fix for this?
Reply | Threaded
Open this post in threaded view
|

Re: Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

Nick Owen
Administrator

I've never had an issue with java 7.  We typically use the openjdk.

What version of WiKID are you using?

On Dec 26, 2012 9:00 PM, "bman [via WiKID Strong Authentication Forums]" <[hidden email]> wrote:
OK so after pulling out my hair multiple times on java7 which imo wikid should state on their site they dont support, I utilized the latest jdk 6 from oracle.com grabbed the jce for 6 and found out after more hair pulling that BC is bcprov from bouncy castle ( which again i believe wikid should document on their site).

so i pulled those together on one vm and attempted to duplicate it on another and now have an entirely different error , this error is from trying to create the intermediate CA, ( i could not change the password before because of BC)

org.apache.jasper.JasperException: Unable to compile class for JSP:

An error occurred at line: 106 in the jsp file: /cert2.jsp
The type Certificate is ambiguous
103:         cg.setPublicKey(keys.getPublic());
104:         cg.setSerialNumber(new BigInteger("1"));
105:         cg.setSubjectDN(subject);
106:         Certificate[] certs = new Certificate[1];
107:         certs[0] = cg.generateX509Certificate(keys.getPrivate());
108:
109:         req = WikidCert.makeCertRequest(subject, keys, null);


An error occurred at line: 106 in the jsp file: /cert2.jsp
The type Certificate is ambiguous
103:         cg.setPublicKey(keys.getPublic());
104:         cg.setSerialNumber(new BigInteger("1"));
105:         cg.setSubjectDN(subject);
106:         Certificate[] certs = new Certificate[1];
107:         certs[0] = cg.generateX509Certificate(keys.getPrivate());
108:
109:         req = WikidCert.makeCertRequest(subject, keys, null);


Stacktrace:
        org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:93)
        org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
        org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:435)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:298)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
        org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
        org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
        org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:302)
        org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
        org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

Anyone see this before or have a fix for this?



To start a new topic under General Discussions, email [hidden email]
To unsubscribe from WiKID Strong Authentication Forums, click here.
NAML
Reply | Threaded
Open this post in threaded view
|

Re: Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

bman
In reply to this post by bman
Nick,

I am using the following
wikid-utilities-3.0.5-1
wikid-server-enterprise-3.4.0.b3008-1

this has been stable in our production env for some time, I will look at trying the newest version as I am building some test boxes to replace the current prod env.

I will try 3.5.0
Reply | Threaded
Open this post in threaded view
|

Re: Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

bman
In reply to this post by bman
ok so went forward with latest version of wikid from the site 3.5.0 and again got the same errors I had and that I see other people having with version 7 of Oracle's JDK

keytool error: java.security.NoSuchAlgorithmException: unrecognized algorithm name: SHA256WithRSA
keytool error: java.lang.Exception: Keystore file does not exist: /opt/WiKID/conf/tomcatKeystore

Furthermore looking at the latest docs it says the jdk to use is "6" so ...  ???
http://www.wikidsystems.com/downloads/download-packages/support/wikid-support-center/installation-how-tos/how-to-install-the-wikid-enterprise-rpms

so previously I got around this by moving to 6, however I have at least a couple times ( testing over 6 different vms) gotten it to work for a short time with 7, I say a short time because it would fail in another spot or work until a restart, then fail on a re-install or total re-image ( even from a snapshot) so I wrote this off as others have with bugginess of code working with version 7.

so ?????????
Reply | Threaded
Open this post in threaded view
|

Re: Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

bman
In reply to this post by bman
downgraded back to sun jdk-16.0_38-fcs and also using wikid 3.5.0 and I don't get the previous errors I had but still cant generate a cert, i get no error just a blank page

java -version
java version "1.6.0_38"
Java(TM) SE Runtime Environment (build 1.6.0_38-b05)
Java HotSpot(TM) 64-Bit Server VM (build 20.13-b02, mixed mode)
[root@dt1utlwikd1 WiKID]# rpm -qa|grep jdk
jdk-1.6.0_38-fcs
bcprov-jdk15on-147-1
ls -la /usr/java/latest/bin/keytool
-rwxr-xr-x 1 root root 51979 Nov 14 02:42 /usr/java/latest/bin/keytool
ls -la /usr/bin/keytool
lrwxrwxrwx 1 root root 28 Dec 27 10:53 /usr/bin/keytool -> /usr/java/latest/bin/keytool

I also have the JCE extensions installed ( build them as rpms to replace the stock jars they replace)
rpm -ql jce_6-6-3
/usr/java/latest/jre/lib/security/US_export_policy.new.jar
/usr/java/latest/jre/lib/security/local_policy.new.jar

I may try pulling bouncy castle back out, and using the stock jar which is named
bcprov-jdk15-136.jar (previously with a different version of wikid this caused an issue)
Reply | Threaded
Open this post in threaded view
|

Re: Wikid and JDK jdk-1.6.0_38-fcs BC bcprov-jdk15on-147 and jce_policy-6.zip

bman
ok, uninstalled the JDK from SUN and went with openjdk from rhel5, no errors I changed the admin password and have generated /opt/WiKID/ private/intCAKeys.p12  without having to chmod a blank file to 777 as with oracle jdk ( wasnt about to leave it that way was just debugging).

problem is now that I cant get a signed intermeddiate cert as it seems to match the one I requested that was a failed install.

I guess I'll email support as the message says.