• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Getting Sequence Tag Error

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I have a .der format certificate. I want to import this into a keystore.
But I am getting the following exception while doing the import
keytool error: java.lang.Exception: Input not an X.509 certificate


If i try to print the certification using -printcert, it gives the following exception
sun.security.pkcs.ParsingException: Sequence tag error
at sun.security.pkcs.PKCS7.parse(PKCS7.java:118)
at sun.security.pkcs.PKCS7.<init>(PKCS7.java:68)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:530)
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:407)
at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:511)
at sun.security.tools.KeyTool.doPrintCert(KeyTool.java:1021)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:539)
at sun.security.tools.KeyTool.run(KeyTool.java:124)
at sun.security.tools.KeyTool.main(KeyTool.java:118)
Caused by: java.io.IOException: Sequence tag error
at sun.security.util.DerInputStream.getSequence(DerInputStream.java:266)
at sun.security.pkcs.ContentInfo.<init>(ContentInfo.java:112)
at sun.security.pkcs.PKCS7.parse(PKCS7.java:136)
at sun.security.pkcs.PKCS7.parse(PKCS7.java:115)
... 8 more

I also tried converting the .der to .pem using utils.der2pem.java which is available in weblogic.
After converting the file, Header and footer "----BEGIN" and "----End" have been inserted into the certificate.
But Still i am getting the same exception. Can any one of you help me? I am breaking my head for the past 3 days for this issue.
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Why can't the error message be correct? It's not a DER-formatted X509 certificate would be my guess.
 
viswa nathan
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks. Can you tell one example using keytool to find out the format of the .der file
and also to convert the same to X509 format.
 
greg stark
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
keytool can handle either the binary DER format or the base64 PEM format for certificates, so my guess is that your file is not a certificate file. If you have enough experience, you can usually examine the first few bytes of the file and determine what kind of file it is. You'd need a hex editor to look at the file if it is a binary format. Perhaps if you can provide some history of how you came to possess this file I might be able to guess what kind of file it is.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic