Skip to Main Content

ORDS, SODA & JSON in the Database

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

ORDS 3.0.5 - How to create DER encoded private key

MarkStewartJun 3 2016 — edited Jun 9 2016

Okay, I will be running ORDS in standalone mode as front-end to APEX 5.0.3.00.03.  I was able to successfully run ORDS using the self-signed certificate option.  When I tried to use a real certificate, I did these steps:

  1. Created a certificate signing request (CSR)
  2. Obtained an SSL Certificate and then created a private key using the command
    • openssl req -new -newkey rsa:2048 -nodes -out external_example_com.csr -keyout external_example_com.key -subj "/C=PL/ST=Warsaw/L=Warsaw/O=Example Company/OU=Servers/CN=external.example.com"
  3. Ran java -jar ords.jar and answered all the questions, and got an exception
  4. Then I read the manual for ORDS 3.0.5, and saw I needed a DER encoded private key
  5. Tried this command to create a DER-encoded private key from the external_example_com.key with the output file name of  external_example_com.der
    • openssl rsa -outform DER -in external_example_com.key  -out external_example_com.der
  6. removed the params directory and reran java -jar ords.jar and answered all the questions, specifying
    • Enter the path for the SSL Certificates private key:/etc/ssl/external_example_com.der
  7. Got an exception.
2016-06-03 16:55:36.127:INFO::main: Logging initialized @444508ms
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Provided certificate. Removing old the keystore files
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted ords keystore false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted priv key false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: Deleted passfile false
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty setupSSL
INFO: User provided certificate.
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty readCertificate
SEVERE: Error extracting private key
Jun 03, 2016 4:55:36 PM oracle.dbtools.standalone.StandaloneJetty readCertificate
SEVERE: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
        at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(Unknown Source)
        at java.security.KeyFactory.generatePrivate(Unknown Source)
        at oracle.dbtools.standalone.StandaloneJetty.readCertificate(StandaloneJetty.java:343)
        at oracle.dbtools.standalone.StandaloneJetty.setupSSL(StandaloneJetty.java:511)
        at oracle.dbtools.standalone.StandaloneJetty.start(StandaloneJetty.java:216)
        at oracle.dbtools.standalone.Standalone.execute(Standalone.java:438)
        at oracle.dbtools.cmdline.DefaultCommand.execute(DefaultCommand.java:134)
        at oracle.dbtools.cmdline.Commands.execute(Commands.java:193)
        at oracle.dbtools.cmdline.Commands.main(Commands.java:154)
        at oracle.dbtools.cmdline.Commands.main(Commands.java:346)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at oracle.dbtools.jarcl.Entrypoint.main(Entrypoint.java:58)
Caused by: java.security.InvalidKeyException: IOException : algid parse error, not a sequence
        at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
        at sun.security.pkcs.PKCS8Key.decode(Unknown Source)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.(Unknown Source)
        at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source)
        at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source)
        ... 15 more

I tried also encoding the public certificate too, and also got an exception.

Comments

Processing
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Jul 1 2016
Added on Jun 3 2016
0 comments
1,221 views