This discussion is archived
0 Replies Latest reply: Apr 23, 2013 9:40 PM by 1005079 RSS

Facing Problem with using Java CSP Generated KeyPair in window

1005079 Newbie
Currently Being Moderated
Dear all,

I am a beginner in JCA and I am implementing a program which generate Certificate Request file(.req) file and a private key file (.key) file. Then I signed the (.req) file with Microsoft CA and combined the signed certificate (.cer) file and key file to pkcs12 format. After I got PKCS12(.pfx) file, I installed it in my window XP PC. An error occurred like below.

"An internal error occur! The private key that you are importing might require a cryptographic service provider that is not installed on your pc!".

My key and CSR generating program is described below!

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
KeyPair keypair = keyGen.generateKeyPair();
String prov = keyGen.getProvider().toString();
System.out.println("Provider is :" + prov);
System.out.println("Finished generating Key Pair : ");
//finished generating keypair
PublicKey publicKey = keypair.getPublic();
System.out.println("Public Key is : "+publicKey.toString());
PrivateKey privateKey = keypair.getPrivate();
System.out.println("Finished Outputing Keypair " );

sigAlg = "SHA1WithRSA";

String csr = getCSR(cn, ou, org, loc, state, country,
                                   sigAlg, email);
BufferedOutputStream bos1 = new BufferedOutputStream(new FileOutputStream(txtRequest.getText()));

BufferedOutputStream bos2 = new BufferedOutputStream(new FileOutputStream(txtPrivateKey.getText()));


public String getCSR(String CN, String OU, String O, String L, String S,
               String C, String SigAlg , String E) throws Exception
          byte[] csr = generatePKCS10(CN, OU, O, L, S, C, SigAlg,E);
          return new String(csr);
public static byte[] generatePKCS10(String CN, String OU, String O,
               String L, String S, String C, String sigAlg, String E) throws Exception {
          // generate PKCS10 certificate request
          //sigAlg = "MD5WithRSA";
          PKCS10 pkcs10 = new PKCS10(publicKey);
          Signature signature = Signature.getInstance(sigAlg);
          // common, orgUnit, org, locality, state, country
          X500Name x500Name = new X500Name(CN, OU, O, L, S, C);
          pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
          ByteArrayOutputStream bs = new ByteArrayOutputStream();
          PrintStream ps = new PrintStream(bs);
          byte[] c = bs.toByteArray();
          try {
               if (ps != null)
               if (bs != null)
          } catch (Throwable th) {
          return c;

In that program, the default CSP for generating Key Pair is "SunRsaSign version 1.5".
When I tested with "SunMSCAPI" provider, the private key can be generated and it is null.
Can anyone suggest me, How can i generate Window compatible private key with Java CSP.

With regards,


  • Correct Answers - 10 points
  • Helpful Answers - 5 points