*
The moose likes Beginning Java and the fly likes [error] keytool error: java.lang.IllegalArgumentException: password can't be null Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Beginning Java
Bookmark "[error] keytool error: java.lang.IllegalArgumentException: password can Watch "[error] keytool error: java.lang.IllegalArgumentException: password can New topic
Author

[error] keytool error: java.lang.IllegalArgumentException: password can't be null

Jon Camilleri
Ranch Hand

Joined: Apr 25, 2008
Posts: 660

I'm not sure why this error is being generated, since I am typing in a password, any idea what is wrong?



Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jon>keytool -genkeypair -v -protected -alias jon -file
certif.file
What is your first and last name?
[Unknown]: Jon C.
What is the name of your organizational unit?
[Unknown]: @Jon's
What is the name of your organization?
[Unknown]: @Jon's
What is the name of your City or Locality?
[Unknown]: Birkirkara
What is the name of your State or Province?
[Unknown]: Malta(EU)
What is the two-letter country code for this unit?
[Unknown]: MT
Is CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT correct?
[no]: yes

Generating 1,024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
a validity of 90 days
for: CN=Jon C., OU=@Jon's, O=@Jon's, L=Birkirkara, ST=Malta(EU), C=MT
Enter key password for <jon>
(RETURN if same as keystore password):
Re-enter new password:
[Storing C:\Documents and Settings\Jon\.keystore]
keytool error: java.lang.IllegalArgumentException: password can't be null
java.lang.IllegalArgumentException: password can't be null

at sun.security.provider.JavaKeyStore.engineStore(JavaKeyStore.java:508)

at sun.security.provider.JavaKeyStore$JKS.engineStore(JavaKeyStore.java:
38)
at java.security.KeyStore.store(KeyStore.java:1117)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:901)
at sun.security.tools.KeyTool.run(KeyTool.java:171)
at sun.security.tools.KeyTool.main(KeyTool.java:165)


Jon
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 37950
    
  22
Who wrote the key generating software? How does it receive its password?
Jon Camilleri
Ranch Hand

Joined: Apr 25, 2008
Posts: 660

Campbell Ritchie wrote:Who wrote the key generating software? How does it receive its password?


I typed the password..
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 37950
    
  22
That doesn't answer my question. How does the password get from your terminal/command line to the program? Can you get it to echo the password, or print it to an option pane or something? Then you can verify that the password actually reaches your application.
Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3419
    
  12
@Campbell: keytool is a utility that is part of the JDK. As far as I know it's not possible to get it to echo the password.

@Jon: have you tried using the -keypass/-storepass parameters to specify the password rather than typing them in ?


Joanne
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 37950
    
  22
Thank you, Joanne. I didn't know that. Still can't see how it can pass null, however.
Jon Camilleri
Ranch Hand

Joined: Apr 25, 2008
Posts: 660

Joanne Neal wrote:@Campbell: keytool is a utility that is part of the JDK. As far as I know it's not possible to get it to echo the password.

@Jon: have you tried using the -keypass/-storepass parameters to specify the password rather than typing them in ?


How do you mean Joanne, I tried the following:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jon>keytool -help
keytool usage:

-certreq [-v] [-protected]
[-alias <alias>] [-sigalg <sigalg>]
[-file <csr_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-changealias [-v] [-protected] -alias <alias> -destalias <destalias>
[-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-delete [-v] [-protected] -alias <alias>
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-exportcert [-v] [-rfc] [-protected]
[-alias <alias>] [-file <cert_file>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-genkeypair [-v] [-protected]
[-alias <alias>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-sigalg <sigalg>] [-dname <dname>]
[-validity <valDays>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-genseckey [-v] [-protected]
[-alias <alias>] [-keypass <keypass>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-help

-importcert [-v] [-noprompt] [-trustcacerts] [-protected]
[-alias <alias>]
[-file <cert_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-importkeystore [-v]
[-srckeystore <srckeystore>] [-destkeystore <destkeystore>]
[-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]
[-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]
[-srcprotected] [-destprotected]
[-srcprovidername <srcprovidername>]
[-destprovidername <destprovidername>]
[-srcalias <srcalias> [-destalias <destalias>]
[-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]
[-noprompt]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-keypasswd [-v] [-alias <alias>]
[-keypass <old_keypass>] [-new <new_keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-list [-v | -rfc] [-protected]
[-alias <alias>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-printcert [-v] [-file <cert_file>]

-storepasswd [-v] [-new <new_storepass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

C:\Documents and Settings\Jon>keytool -genkeypair -alias jon -file key.file -sto
repasswd -new j1misdead
keytool error: java.lang.Exception: Keystore file does not exist: C:\Documents a
nd Settings\Jon\.keystore

Andrew Monkhouse
author and jackaroo
Marshal Commander

Joined: Mar 28, 2003
Posts: 11404
    
  81

Jon Camilleri wrote:C:\Documents and Settings\Jon>keytool -help
keytool usage:

[snip]

-genkeypair [-v] [-protected]
[-alias <alias>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-sigalg <sigalg>] [-dname <dname>]
[-validity <valDays>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

[snip]


From the output you provided, we can see the allowable options for -genkeypair, however you are using options that are not listed:

Jon Camilleri wrote:
C:\Documents and Settings\Jon>keytool -genkeypair -alias jon -file key.file -storepasswd -new j1misdead

keytool error: java.lang.Exception: Keystore file does not exist: C:\Documents and Settings\Jon\.keystore


The Sun Certified Java Developer Exam with J2SE 5: paper version from Amazon, PDF from Apress, Online reference: Books 24x7 Personal blog
Jon Camilleri
Ranch Hand

Joined: Apr 25, 2008
Posts: 660

Andrew Monkhouse wrote:
Jon Camilleri wrote:C:\Documents and Settings\Jon>keytool -help
keytool usage:

[snip]

-genkeypair [-v] [-protected]
[-alias <alias>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-sigalg <sigalg>] [-dname <dname>]
[-validity <valDays>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

[snip]


From the output you provided, we can see the allowable options for -genkeypair, however you are using options that are not listed:

Jon Camilleri wrote:
C:\Documents and Settings\Jon>keytool -genkeypair -alias jon -file key.file -storepasswd -new j1misdead

keytool error: java.lang.Exception: Keystore file does not exist: C:\Documents and Settings\Jon\.keystore


I see more options:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Jon>keytool -help
keytool usage:

-certreq [-v] [-protected]
[-alias <alias>] [-sigalg <sigalg>]
[-file <csr_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-changealias [-v] [-protected] -alias <alias> -destalias <destalias>
[-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-delete [-v] [-protected] -alias <alias>
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-exportcert [-v] [-rfc] [-protected]
[-alias <alias>] [-file <cert_file>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-genkeypair [-v] [-protected]
[-alias <alias>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-sigalg <sigalg>] [-dname <dname>]
[-validity <valDays>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-genseckey [-v] [-protected]
[-alias <alias>] [-keypass <keypass>]
[-keyalg <keyalg>] [-keysize <keysize>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-help

-importcert [-v] [-noprompt] [-trustcacerts] [-protected]
[-alias <alias>]
[-file <cert_file>] [-keypass <keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-importkeystore [-v]
[-srckeystore <srckeystore>] [-destkeystore <destkeystore>]
[-srcstoretype <srcstoretype>] [-deststoretype <deststoretype>]
[-srcstorepass <srcstorepass>] [-deststorepass <deststorepass>]
[-srcprotected] [-destprotected]
[-srcprovidername <srcprovidername>]
[-destprovidername <destprovidername>]
[-srcalias <srcalias> [-destalias <destalias>]
[-srckeypass <srckeypass>] [-destkeypass <destkeypass>]]
[-noprompt]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-keypasswd [-v] [-alias <alias>]
[-keypass <old_keypass>] [-new <new_keypass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-list [-v | -rfc] [-protected]
[-alias <alias>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

-printcert [-v] [-file <cert_file>]

-storepasswd [-v] [-new <new_storepass>]
[-keystore <keystore>] [-storepass <storepass>]
[-storetype <storetype>] [-providername <name>]
[-providerclass <provider_class_name> [-providerarg <arg>]] ...
[-providerpath <pathlist>]

C:\Documents and Settings\Jon>java -version
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)

C:\Documents and Settings\Jon>
Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3419
    
  12
Jon Camilleri wrote:I see more options:

keytool has a number of sub-options and each of these suboptions has a number of options.
Each blank line separated block in your output is a suboption followed by its options.
You are trying to generate a key pair using the genkeypair suboption and only the options shown within that block (i.e. what Andrew posted) are allowed.
Two of those options are -keypass and -storepass which allow you to specify passwords. You'll need to check the keytool documentation to find which you need to use.
Note that it is -storepass, not storepasswd (that is a separate suboption).
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: [error] keytool error: java.lang.IllegalArgumentException: password can't be null
 
Similar Threads
put an applet into a web page
Signed an applet
SSL Cert Error - Mismatched Address