I am having trouble using SSL, as I am getting the following error related to my keystore (self-created and self-signed using keytool per: http://developer.android.com/tools/publishing/app-signing.html):
08-14 20:55:23.044: W/System.err(5430): java.io.IOException: Wrong
version of key store. 08-14 20:55:23.060: W/System.err(5430): at
org.bouncycastle.jce.provider.JDKKeyStore.engineLoad(JDKKeyStore.java:812)
...
The error thrown in the JDKKeyStore.java
class arises in the following code:
Blockquote
From JDKKeyStore.java:
if (version != STORE_VERSION)
{
if (version != 0)
{
throw new IOException("Wrong version of key store.");
}
}
Blockquote
In this case STORE_VERSION = 1, and my version=3 based on reading the details of the certificate held by the keystore I have created. I do not know how to generate a keystore containing a version=1 certificate.
I found this answer helpful:
wrong version keystore when doing https call
however it calls for creating the keystore using the following parameters:
-storetype BKS
-provider org.bouncycastle.jce.provider.BouncyCastleProvider
-providerpath /path/to/bouncycastle.jar
However, when I try to create the keytool (using the terminal app on Mac) using these parameters:
keytool -genkeypair -v -alias androiddebugkey -keyalg RSA -keysize
2048 -validity 10000 -keypass android -keystore
/Users/djames/dropbox/bc146keystore/debug.keystore -storepass android
-providerclass org.bouncycastle.jce.provider.BouncyCastleProvider –providerpath /Users/djames/dropbox/bc146keystore/
(where /Users/djames/dropbox/bc146keystore/ is the path to the bouncy castle jar: bcprov-jdk16-146.jar)
I get the following error:
keytool error: java.lang.RuntimeException: Usage error, ?providerpath
is not a legal command java.lang.RuntimeException: Usage error,
?providerpath is not a legal command at
sun.security.tools.KeyTool.parseArgs(KeyTool.java:375) at
sun.security.tools.KeyTool.run(KeyTool.java:171) at
sun.security.tools.KeyTool.main(KeyTool.java:166)
I do not understand what this is telling me. If I use: keytool -help it tells me that the following are valid options for the -genkeypair option:
-genkeypair [-v] [-protected]
[-alias ]
[-keyalg ] [-keysize ]
[-sigalg ] [-dname ]
[-validity ] [-keypass ]
[-keystore ] [-storepass ]
[-storetype ] [-providername ]
[-providerclass [-providerarg ]] ...
[-providerpath ]
But in the Oracle docs java version 6 that I am using
(http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html)
it tells me that these are the options:
-genkeypair {-alias alias} {-keyalg keyalg} {-keysize keysize} {-sigalg sigalg} [-dname dname] [-keypass keypass] {-validity valDays}
{-storetype storetype} {-keystore keystore} [-storepass storepass]
{-providerClass provider_class_name {-providerArg provider_arg}} {-v}
{-protected} {-Jjavaoption}
which does not include the -providerpath option
. Why the discordance?
(If I do not use the -providerpath option, then I get an unknown class exception at the option: "-providerclass org.bouncycastle.jce.provider.BouncyCastleProvider"
...)
When I google: keytool -providerpath
I get nothing helpful to resolve this.
I am not sure how to solve my keystore version problem without solving my keytool problem. Any suggestions appreciated.
Jim
(Mac OSX 10.6.8 if relevant)
See Question&Answers more detail:
os