wood burning stoves 2.0*
The moose likes Security and the fly likes How to reproduce Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "How to reproduce "DerInputStream.getLength(): lengthTag=127, too big"" Watch "How to reproduce "DerInputStream.getLength(): lengthTag=127, too big"" New topic

How to reproduce "DerInputStream.getLength(): lengthTag=127, too big"

Maulin Vasavada
Ranch Hand

Joined: Nov 04, 2001
Posts: 1871
Hi all,

[Aah, after long long time I am posting on this forum]

I have this issue where in our QA env on the unix machine running Sun JDK 1.6 we get the below exception when we try to hit a HTTPS url for a text file to be downloaded into our system.

In my local eclipse the file download works fine and I am using Sun JDK1.6.

I found some threads on google discussing this issue however I wanted to "reproduce this in my local eclipse". I don't know how to do it. I can download the certificate and all but I don't know how can I reproduce this locally.

I think there is some issue with the crypto policy files in the QA Unix machine where it is configured not to support the sha1RSA with 1024 bit key certificate BUT only if I reproduce on my local box I can do more testing.

Any help is greatly appreciated.

java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big.
at sun.security.util.DerInputStream.getLength(DerInputStream.java:544)
at sun.security.util.DerValue.init(DerValue.java:346)
at sun.security.util.DerValue.<init>(DerValue.java:302)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:305)

James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

A long shot - does your server have the Unlimited Strength files installed.

Retired horse trader.
 Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
Maulin Vasavada
Ranch Hand

Joined: Nov 04, 2001
Posts: 1871
Yes. My QA machine which is trying to download the file from HTTPS url does have "unlimited strength" files installed. You mean the US export policy file etc right?


subject: How to reproduce "DerInputStream.getLength(): lengthTag=127, too big"
Similar Threads
Assigning a manually read certificate to the trustStore
Problem accessing keystore: DerInputStream.getLength(): lengthTag=127, too
Importing digital certificate programmatically through jsp screen
Regarding importing pkcs12 file into keystore programmatically by uploading thru jsp
Request free personal CA Certificate in thawte