0 Replies Latest reply on Apr 24, 2013 4:40 AM by 1005079

    Facing Problem with using Java CSP Generated KeyPair in window

      Dear all,

      I am a beginner in JCA and I am implementing a program which generate Certificate Request file(.req) file and a private key file (.key) file. Then I signed the (.req) file with Microsoft CA and combined the signed certificate (.cer) file and key file to pkcs12 format. After I got PKCS12(.pfx) file, I installed it in my window XP PC. An error occurred like below.

      "An internal error occur! The private key that you are importing might require a cryptographic service provider that is not installed on your pc!".

      My key and CSR generating program is described below!

      KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
      KeyPair keypair = keyGen.generateKeyPair();
      String prov = keyGen.getProvider().toString();
      System.out.println("Provider is :" + prov);
      System.out.println("Finished generating Key Pair : ");
      //finished generating keypair
      PublicKey publicKey = keypair.getPublic();
      System.out.println("Public Key is : "+publicKey.toString());
      PrivateKey privateKey = keypair.getPrivate();
      System.out.println("Finished Outputing Keypair " );

      sigAlg = "SHA1WithRSA";

      String csr = getCSR(cn, ou, org, loc, state, country,
                                         sigAlg, email);
      BufferedOutputStream bos1 = new BufferedOutputStream(new FileOutputStream(txtRequest.getText()));

      BufferedOutputStream bos2 = new BufferedOutputStream(new FileOutputStream(txtPrivateKey.getText()));


      public String getCSR(String CN, String OU, String O, String L, String S,
                     String C, String SigAlg , String E) throws Exception
                byte[] csr = generatePKCS10(CN, OU, O, L, S, C, SigAlg,E);
                return new String(csr);
      public static byte[] generatePKCS10(String CN, String OU, String O,
                     String L, String S, String C, String sigAlg, String E) throws Exception {
                // generate PKCS10 certificate request
                //sigAlg = "MD5WithRSA";
                PKCS10 pkcs10 = new PKCS10(publicKey);
                Signature signature = Signature.getInstance(sigAlg);
                // common, orgUnit, org, locality, state, country
                X500Name x500Name = new X500Name(CN, OU, O, L, S, C);
                pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
                ByteArrayOutputStream bs = new ByteArrayOutputStream();
                PrintStream ps = new PrintStream(bs);
                byte[] c = bs.toByteArray();
                try {
                     if (ps != null)
                     if (bs != null)
                } catch (Throwable th) {
                return c;

      In that program, the default CSP for generating Key Pair is "SunRsaSign version 1.5".
      When I tested with "SunMSCAPI" provider, the private key can be generated and it is null.
      Can anyone suggest me, How can i generate Window compatible private key with Java CSP.

      With regards,