TextSecure Signal Server – 证书错误

huangapple go评论79阅读模式
英文:

TextSecure Signal Server - Certificate Error

问题

我按照这里的指南尝试部署 Signal Server。
链接

构建部分一切都成功了。但是当我使用这个命令运行服务时:

java -jar service/target/TextSecureServer-3.21.jar server service/config/config.yml

我得到以下错误:

INFO  [2020-09-10 04:52:48,319] io.dropwizard.server.DefaultServerFactory: 正在使用根路径前缀注册 Jersey 处理程序:/
INFO  [2020-09-10 04:52:48,320] io.dropwizard.server.DefaultServerFactory: 正在使用根路径前缀注册管理处理程序:/
org.bouncycastle.opensl.PEMException: 证书解析问题: java.security.cert.CertificateException: java.lang.IllegalArgumentException: 工厂中的未知对象: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.openssl.PEMReader$X509CertificateParser.parseObject(Unknown Source)
	at org.bouncycastle.opensl.PEMReader.readObject(Unknown Source)
	at org.whispersystems.textsecuregcm.push.RetryingApnsClient.initializeCertificate(RetryingApnsClient.java:76)
	at org.whispersystems.textsecuregcm.push.RetryingApnsClient.<init>(RetryingApnsClient.java:49)
	at org.whispersystems.textsecuregcm.push.APNSender.<init>(APNSender.java:70)
	at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:246)
	at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151)
	at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44)
	at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
	at io.dropwizard.cli.Cli.run(Cli.java:78)
	at io.dropwizard.Application.run(Application.java:94)
	at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406)
Caused by: java.security.cert.CertificateException: java.lang.IllegalArgumentException: 工厂中的未知对象: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source)
	at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
	... 12 more
Caused by: java.lang.IllegalArgumentException: 工厂中的未知对象: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source)
	at org.bouncycastle.asn1.x509.TBSCertificateStructure.<init>(Unknown Source)
	at org.bouncycastle.asn1.x509.TBSCertificateStructure.getInstance(Unknown Source)
	at org.bouncycastle.asn1.x509.X509CertificateStructure.<init>(Unknown Source)
	at org.bouncycastle.asn1.x509.X509CertificateStructure.getInstance(Unknown Source)
	at org.bouncycastle.jce.provider.JDKX509CertificateFactory.readDERCertificate(Unknown Source)
	... 14 more

有人知道这里的确切问题吗?

此外,我没有更改 zkConfig 下的 serverSecret 和 serverPublic。(我不知道如何获取这些)。在文档中 "# zkgroup 配置,使用您的构建 jar 运行" 是什么意思?

英文:

I was trying to deploy Signal Server according to the guidelines here.
Link

Everything was success in the build part. But when i run the service using this command

java -jar service/target/TextSecureServer-3.21.jar server service/config/config.yml

I am getting below errors.

INFO  [2020-09-10 04:52:48,319] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: /
INFO  [2020-09-10 04:52:48,320] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: /
org.bouncycastle.openssl.PEMException: problem parsing cert: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.openssl.PEMReader$X509CertificateParser.parseObject(Unknown Source)
	at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
	at org.whispersystems.textsecuregcm.push.RetryingApnsClient.initializeCertificate(RetryingApnsClient.java:76)
	at org.whispersystems.textsecuregcm.push.RetryingApnsClient.<init>(RetryingApnsClient.java:49)
	at org.whispersystems.textsecuregcm.push.APNSender.<init>(APNSender.java:70)
	at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:246)
	at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151)
	at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44)
	at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
	at io.dropwizard.cli.Cli.run(Cli.java:78)
	at io.dropwizard.Application.run(Application.java:94)
	at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406)
Caused by: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source)
	at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
	... 12 more
Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
	at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source)
	at org.bouncycastle.asn1.x509.TBSCertificateStructure.<init>(Unknown Source)
	at org.bouncycastle.asn1.x509.TBSCertificateStructure.getInstance(Unknown Source)
	at org.bouncycastle.asn1.x509.X509CertificateStructure.<init>(Unknown Source)
	at org.bouncycastle.asn1.x509.X509CertificateStructure.getInstance(Unknown Source)
	at org.bouncycastle.jce.provider.JDKX509CertificateFactory.readDERCertificate(Unknown Source)
	... 14 more

Anyone know the exact issue here ?

Also i didnt change serverSecret & serverPublic under zkConfig. (I dont know how to get these). What it does mean by * # zkgroup config, run using your build jar * as in the documentation ?

答案1

得分: 1

问题已解决。此异常是由于读取cerKey文件的PEM格式不正确导致的。无论如何,当前的crtKey格式是PEM格式,但它需要一个扩展的PEM格式。

我使用了下面的命令来生成它。

openssl rsa -in cert.key -outform PEM -out cert.key

然后所有上述错误都消失了。

英文:

Problem solved. This exception came due to improper PEM format of reading cerKey file. Anyhow current crtKey form is PEM only, but it need a extended form of PEM.

i used below command to generate it.

openssl rsa -in cert.key -outform PEM -out cert.key   

Then all above errors were disappeared.

答案2

得分: 0

我确实输入了上述命令,但是我收到了这个错误消息:

> 无法打开 cert.key 以进行读取,没有该文件或目录
140021811573184:错误:02001002:系统库:fopen:没有该文件或目录:../crypto/bio/bss_file.c:72:fopen('cert.key','r')
140021811573184:错误:2006D080:BIO 例程:BIO_new_file:没有此文件:../crypto/bio/bss_file.c:79:
无法加载私钥

我已尽我所能进行了一切尝试,我生成了各种我在互联网上找到的证书,但结果没有改变。请您告诉我该怎么办,这对我非常重要。非常感谢。

英文:

I did enter the above command but i got this error

> Can't open cert.key for reading, No such file or directory
140021811573184:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('cert.key','r')
140021811573184:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:79:
unable to load Private Key

and I did everything I could I generated all kind of certificate I could find on Internet but no change in result. could you please tell me what to do it's so important to me. thanks alot

huangapple
  • 本文由 发表于 2020年9月10日 13:23:55
  • 转载请务必保留本文链接:https://go.coder-hub.com/63823297.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定