Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

"Length is too big" IOException when using OpenSSL key/certs

1 view
Skip to first unread message

Bjørn Bjerkeli

unread,
May 2, 2001, 7:40:01 AM5/2/01
to

Hi.

I had the same problem when i specified a cakey.pem file that was encrypted. For
some reason, WLS doesnt seem to support a scheme where it prompts for a password
to use for decryption of the private key. Try to decrypt the private key:

openssl rsa -in cakey.pem -out ca_unsafe.pem and deploy this certificate instead,
then it will work ;-)


9-sc...@pp.htv.fi.invalid (Scott Andrew Borton) wrote:
>Using WLS 5.1, SP6, Solaris
>
>Hello one and all:
>
>I am trying to test WLS with SSL. I am using the OpenSSL package to act
>as my
>own CA and generate and sign my own server certs. I don't have any problem
>with this part.
>
>However, when I try to use my private key with WLS, I get this
>error upon startup:
>
>> Java.io.IOException: Length is too big: takes 56 bytes
>> at weblogic.security.ASN1.ASN1Header.inputLength(ASN1Header.java:133)
>> at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:105)
>> at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:107)
>> at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:85)
>> at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:285)
>> at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:214)
>> at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:1180)
>> at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
>> at java.lang.reflect.Method.invoke(Native Method)
>> at weblogic.Server.startServerDynamically(Server.java:99)
>> at weblogic.Server.main(Server.java:65)
>> at weblogic.NmsIpServer.main(NmsIpServer.java:13)
>> Thu Mar 22 16:02:25 EET 2001:<E> <SSLListenThread> Security
>> Configuration Problem with SSL server encryption Key
>> (<path-to-key hidden for publication --scott>),
>> java.io.IOException: Length is too big: takes 56 bytes
>
>I have read many messages on this group that indicate this same
>problem. Some of the suggestions included checking the formatting
>of the server key file for extra linefeeds, etc. I have done this.
>
>I even tried the OpenSSL "asn1-kludge" option. It didn't work
>either.
>
>So, I hope to hear from someone who has successfully used OpenSSL
>keys and certs with WLS.
>
>
>Thanks,
>
>
>--scott
>

0 new messages