Certificate error

Open popad028 opened this issue 5 years ago • 4 comments

When I run the command "java -jar service/target/TextSecureServer-3.21.jar server service/config/config.yml" I get:

INFO [2020-09-14 10:32:04,204] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: /
INFO [2020-09-14 10:32:04,209] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: /
org.bouncycastle.openssl.PEMException: problem parsing cert: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
        at org.bouncycastle.openssl.PEMReader$X509CertificateParser.parseObject(Unknown Source)
        at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
        at org.whispersystems.textsecuregcm.push.RetryingApnsClient.initializeCertificate(RetryingApnsClient.java:76)
        at org.whispersystems.textsecuregcm.push.RetryingApnsClient.<init>(RetryingApnsClient.java:49)
        at org.whispersystems.textsecuregcm.push.APNSender.<init>(APNSender.java:70)
        at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:246)
        at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151)
        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44)
        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
        at io.dropwizard.cli.Cli.run(Cli.java:78)
        at io.dropwizard.Application.run(Application.java:94)
        at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406)
Caused by: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
        at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source)
        at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
        ... 12 more
Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
        at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source)
        at org.bouncycastle.asn1.x509.TBSCertificateStructure.<init>(Unknown Source)
        at org.bouncycastle.asn1.x509.TBSCertificateStructure.getInstance(Unknown Source)
        at org.bouncycastle.asn1.x509.X509CertificateStructure.<init>(Unknown Source)
        at org.bouncycastle.asn1.x509.X509CertificateStructure.getInstance(Unknown Source)
        at org.bouncycastle.jce.provider.JDKX509CertificateFactory.readDERCertificate(Unknown Source)
        ... 14 more

popad028 avatar Sep 14 '20 12:09 popad028

@popad028 Hi, update your configuration as below; use a file path instead of directly copy-pasting the cert/key.

config.yml

apn: # Apple Push Notifications configuration
  sandbox: false # false for production else true for dev/stage/qa etc.
  bundleId: com.domain.chat # change it to your bundle id
  pushCertificate: config/push_prod.crt # change it to your .crt file path
  pushKey: config/push_prod.key # change it to your key file path

RetryingApnsClient.java (replace the methods below in this class)

// Needs "import java.io.FileInputStream;" at the top of RetryingApnsClient.java.
private static X509Certificate initializeCertificate(String pemCertificate) throws IOException {
	// pemCertificate now holds the path to the certificate file, not the PEM text itself.
	// PEMReader reader = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemCertificate.getBytes())));
	@SuppressWarnings("resource")
	PEMReader reader = new PEMReader(new InputStreamReader(new FileInputStream(pemCertificate)));
	return (X509Certificate) reader.readObject();
}

private static PrivateKey initializePrivateKey(String pemKey) throws IOException {
	// pemKey now holds the path to the private key file, not the PEM text itself.
	// PEMReader reader = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemKey.getBytes())));
	@SuppressWarnings("resource")
	PEMReader reader = new PEMReader(new InputStreamReader(new FileInputStream(pemKey)));
	return ((KeyPair) reader.readObject()).getPrivate();
}

Cert and key files will be read by FileInputStreamReader.

aartivshegokar avatar Sep 20 '20 08:09 aartivshegokar

@aartivshegokar I used this way to try to solve the same problem, but when I modified RetryingApnsClient.java, the service 3.21 build failed.

[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /home/ubuntu/Signal-Server/service/src/main/java/org/whispersystems/textsecuregcm/push/RetryingApnsClient.java:[77,69] cannot find symbol
  symbol:   class FileInputStream
  location: class org.whispersystems.textsecuregcm.push.RetryingApnsClient
[ERROR] /home/ubuntu/Signal-Server/service/src/main/java/org/whispersystems/textsecuregcm/push/RetryingApnsClient.java:[84,68] cannot find symbol
  symbol:   class FileInputStream
  location: class org.whispersystems.textsecuregcm.push.RetryingApnsClient 

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project service: Compilation failure: Compilation failure:
[ERROR] /home/ubuntu/Signal-Server/service/src/main/java/org/whispersystems/textsecuregcm/push/RetryingApnsClient.java:[77,69] cannot find symbol
[ERROR]   symbol:   class FileInputStream
[ERROR]   location: class org.whispersystems.textsecuregcm.push.RetryingApnsClient
[ERROR] /home/ubuntu/Signal-Server/service/src/main/java/org/whispersystems/textsecuregcm/push/RetryingApnsClient.java:[84,68] cannot find symbol
[ERROR]   symbol:   class FileInputStream
[ERROR]   location: class org.whispersystems.textsecuregcm.push.RetryingApnsClient

sunchurch avatar Oct 16 '20 17:10 sunchurch

Looks like you don't import the FileInputStream library!

IBit-Company avatar Nov 14 '20 14:11 IBit-Company

Hello, I followed your instructions and got this error:

INFO  [2021-01-26 04:07:22,736] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: /
INFO  [2021-01-26 04:07:22,739] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: /
INFO  [2021-01-26 04:07:23,531] com.turo.pushy.apns.ApnsClientBuilder: Native SSL provider is available; will use native provider.
org.bouncycastle.openssl.PEMException: problem parsing PRIVATE KEY: java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.DERApplicationSpecific
        at org.bouncycastle.openssl.PEMReader$PrivateKeyParser.parseObject(Unknown Source)
        at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
        at org.whispersystems.textsecuregcm.gcp.CanonicalRequestSigner.initializeRsaSigningKey(CanonicalRequestSigner.java:64)
        at org.whispersystems.textsecuregcm.gcp.CanonicalRequestSigner.<init>(CanonicalRequestSigner.java:23)
        at org.whispersystems.textsecuregcm.controllers.AttachmentControllerV3.<init>(AttachmentControllerV3.java:46)
        at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:304)
        at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151)
        at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44)
        at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
        at io.dropwizard.cli.Cli.run(Cli.java:78)
        at io.dropwizard.Application.run(Application.java:94)
        at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406)
Caused by: java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.DERApplicationSpecific
        at org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source)
        at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.getInstance(Unknown Source)
        ... 12 more

Could you show me how to fix it? Many thanks.

0x369142857 avatar Jan 26 '21 04:01 0x369142857
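
Both traces in this thread are ASN.1 parse failures raised while Bouncy Castle decodes a PEM body, so a structural pre-flight check on each cert/key value before starting the server narrows down which one is damaged. The following is an added example, not code from the thread or from Signal-Server; `check_pem`, `read_header`, `walk` and the sample are hypothetical names and constructed data, and the check covers PEM armor and DER nesting only, not X.509 or key semantics.

```python
import base64
import re
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def read_header(der, pos, end):
    """Parse one DER tag/length header; return (tag, content_start, content_end)."""
    if pos + 2 > end:
        raise ValueError(f"truncated header at offset {pos}")
    tag, length, pos = der[pos], der[pos + 1], pos + 2
    if length >= 0x80:                     # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise ValueError(f"bad length encoding at offset {pos - 1}")
        length, pos = int.from_bytes(der[pos:pos + n], "big"), pos + n
    if pos + length > end:
        raise ValueError(f"content at offset {pos} overruns its parent")
    return tag, pos, pos + length

def walk(der, pos, end):
    """Walk sibling elements in [pos, end), descending into constructed ones."""
    count = 0
    while pos < end:
        tag, start, stop = read_header(der, pos, end)
        if tag & 0x20:                     # constructed bit set: check children too
            walk(der, start, stop)
        pos, count = stop, count + 1
    return count

def check_pem(text, expected_labels):
    """Return a list of problems in PEM text; an empty list means it is well formed."""
    blocks = PEM_BLOCK.findall(text)
    if len(blocks) != 1:
        return [f"expected exactly one PEM block, found {len(blocks)}"]
    label, body = blocks[0]
    problems = [] if label in expected_labels else [f"unexpected label {label!r}"]
    try:
        der = base64.b64decode("".join(body.split()), validate=True)
        if not der or der[0] != 0x30:
            problems.append("outer element is not a DER SEQUENCE (0x30)")
        elif walk(der, 0, len(der)) != 1:
            problems.append("extra data after the outer SEQUENCE")
    except ValueError as exc:              # binascii.Error is a ValueError
        problems.append(f"damaged encoding: {exc}")
    return problems

# Constructed sample, not a real certificate: SEQUENCE { SEQUENCE { INTEGER 1 }, OCTET STRING }
SAMPLE_DER = bytes.fromhex("300a30030201010403616263")
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")
```

Call it as `check_pem(open("config/push_prod.crt").read(), {"CERTIFICATE"})` for the certificate and with `{"PRIVATE KEY", "RSA PRIVATE KEY"}` for a key file; the returned messages describe structure only and never include key bytes.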