I am having trouble using SSL, as I am getting the following error related to my keystore (self-created and self-signed using keytool per: http://developer.android.com/tools/publishing/app-signing.html):
08-14 20:55:23.044: W/System.err(5430): java.io.IOException: Wrong version of key store. 08-14 20:55:23.060: W/System.err(5430): at org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(JDKKeyStore.java:812) ...
The error thrown in the JDKKeyStore.java
class arises in the following code:
Blockquote From JDKKeyStore.java:
if (version != STORE_VERSION) { if (version != 0) { throw new IOException("Wrong version of key store."); } }Blockquote
In this case STORE_VERSION = 1, and my version=3 based on reading the details of the certificate held by the keystore I have created. I do not know how to generate a keystore containing a version=1 certificate.
I found this answer helpful: wrong version keystore when doing https call
however it calls for creating the keystore using the following parameters:
-storetype BKS
-provider org.bouncycastle.jce.provider.BouncyCastleProvider
-providerpath /path/to/bouncycastle.jar
However, when I try to create the keytool (using the terminal app on Mac) using these parameters:
keytool -genkeypair -v -alias androiddebugkey -keyalg RSA -keysize 2048 -validity 10000 -keypass android -keystore /Users/djames/dropbox/bc146keystore/debug.keystore -storepass android -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider –providerpath /Users/djames/dropbox/bc146keystore/
(where /Users/djames/dropbox/bc146keystore/ is the path to the bouncy castle jar: bcprov-jdk16-146.jar)
I get the following error:
keytool error: java.lang.RuntimeException: Usage error, ?providerpath is not a legal command java.lang.RuntimeException: Usage error, ?providerpath is not a legal command at sun.security.tools.KeyTool.parseArgs(KeyTool.java:375) at sun.security.tools.KeyTool.run(KeyTool.java:171) at sun.security.tools.KeyTool.main(KeyTool.java:166)
I do not understand what this is telling me. If I use: keytool -help it tells me that the following are valid options for the -genkeypair option:
-genkeypair [-v] [-protected] [-alias ] [-keyalg ] [-keysize ] [-sigalg ] [-dname ] [-validity ] [-keypass ] [-keystore ] [-storepass ] [-storetype ] [-providername ] [-providerclass [-providerarg ]] ... [-providerpath ]
But in the Oracle docs java version 6 that I am using
(http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html)
it tells me that these are the options:
-genkeypair {-alias alias} {-keyalg keyalg} {-keysize keysize} {-sigalg sigalg} [-dname dname] [-keypass keypass] {-validity valDays} {-storetype storetype} {-keystore keystore} [-storepass storepass] {-providerClass provider_class_name {-providerArg provider_arg}} {-v} {-protected} {-Jjavaoption}
which does not include the -providerpath option
. Why the discordance?
(If I do not use the -providerpath option, then I get an unknown class exception at the option: "-providerclass org.bouncycastle.jce.provider.BouncyCastleProvider"
...)
When I google: keytool -providerpath
I get nothing helpful to resolve this.
I am not sure how to solve my keystore version problem without solving my keytool problem. Any suggestions appreciated.
Jim
(Mac OSX 10.6.8 if relevant)
pem. To generate the new Keystore, Open Android Studio and click on terminal tab from the bottom bar. Make sure to rename newalias and nameofkeystore to your desired alias name and keystore file name respectively.
My problem was using a version of bouncy castle that was too new. I had to use 146 - any later and it gave me this error.
I was able to get past this problem with the version of keystore. see: keytool error when creating BKS keystore: providerpath is not a legal command
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With