CODEWITHSUNDEEP
javasecurityencryptionx509certificatedigital-certificate
Suresh Atta
Suresh Atta

Reputation: 122006

java.security.cert.CertificateParsingException: signed fields invalid

I'm trying to read a X509 certificate 

FileInputStream fr = new FileInputStream("suresh.pfx");
CertificateFactory cf =   CertificateFactory.getInstance("X509");
X509Certificate c = (X509Certificate) cf.generateCertificate(fr);

And run in to the exception

java.security.cert.CertificateParsingException: signed fields invalid
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    at com.nextenders.certificategeenrator.CertificateGenerator.testGenerateSignCertWithKeyStore(CertificateGenerator.java:102)
    at com.nextenders.certificategeenrator.CertificateGenerator.main(CertificateGenerator.java:65)

Found something related to it from Oracle forum with no solution.

Any hints ?

Upvotes: 10

Views: 37912

Answers (1)

MorAdan
MorAdan

Reputation: 191

PFX isn't a certificate but a keystore in itself.

To get the certificate you have to load the pfx into a keystore and then get the certificate:

InputStream certIs=new FileInputStream("suresh.pfx");
KeyStore ks=KeyStore.getInstance("PKCS12");
ks.load(certIs.getInputStream(),"password".toCharArray());
Certificate cert=ks.getCertificate("alias");

Regards

Upvotes: 19

Related Questions