File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Sockets and Internet Protocols and the fly likes Unable to establish SSL connection using Java PKCS11 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "Unable to establish SSL connection using Java PKCS11" Watch "Unable to establish SSL connection using Java PKCS11" New topic

Unable to establish SSL connection using Java PKCS11

Narasimha Bhamidipati

Joined: Oct 15, 2012
Posts: 1
I am currently trying to establish SSL connectivity using eToken via PKCS11.
The PKCS11 provider is setup and I can read the 3 stored certificates as a key Store Object.
But I am getting the following exception while trying to establish SSL connectivity.
I am using JDK 6.0(java version "1.6.0_31-rev).

at Source)
Caused by: Unsupported key type: SunPKCS11-aladdin-0 RSA private key, 2048 bits (id 147980297, token object, sensitive, unextractable)
at javax.crypto.Cipher.b(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)

KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = getClientKeyStore(); //read Smart Card Token to get the Certificate
kmf.init(keyStore, "mycardPin".toCharArray()); //#### hard coded the i/p parms

TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream("C:\\Users\\usr1\\Desktop\\Certifi cates\\mycertca.jks"), "mycardPin".toCharArray());

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
factory = sslContext.getSocketFactory();
sslClient = (SSLSocket) factory.createSocket(host, port);
sslClient.startHandshake(); //<--- code is breaking here with the above exception

I am struggling like anything for the last 4 days to get rid of this issue. Please let me know is there any work-around to fix this issue.
I really appreciate your help.
I agree. Here's the link:
subject: Unable to establish SSL connection using Java PKCS11
It's not a secret anymore!