Geek Answers Handbook

Keytool error when creating BKS key store: providerpath is not a legal team

I am trying to create a keystore "bks" using keytool (using a terminal application on Mac OS X). I follow the instructions in:
keytool error: java.security.KeyStoreException: BKS not found

This is my use:

keytool -genkeypair -v -alias androiddebugkey -keyalg RSA -keysize 2048 -validity 10000 -keypass android -keystore /Users/djames/dropbox/bc146keystore/debug.keystore -storepass android -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider –providerpath /Users/djames/dropbox/bc146keystore/bcprov-jdk16-146.jar -dname "CN=Android Debug, OU=Android, O=Android, L=Whitefish, S=MT, C=US"

I get the following error:

 keytool error: java.lang.RuntimeException: Usage error, ?providerpath is not a legal command java.lang.RuntimeException: Usage error, ?providerpath is not a legal command at sun.security.tools.KeyTool.parseArgs(KeyTool.java:375)

I saw the -provider path option recommended in countless web posts (including the ones above), and when I run keytool -help , it confirms that the syntax is legal:

 keytool usage: ... -genkeypair [-v] [-protected] [-alias <alias>] [-keyalg <keyalg>] [-keysize <keysize>] [-sigalg <sigalg>] [-dname <dname>] [-validity <valDays>] [-keypass <keypass>] [-keystore <keystore>] [-storepass <storepass>] [-storetype <storetype>] [-providername <name>] [-providerclass <provider_class_name> [-providerarg <arg>]] ... [-providerpath <pathlist>]

I also tried the following alternative (for http://docs.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html ):

  • Removing the -providerpath option of the -providerpath command,
  • placing bcprov-jdk16-146.jar inside the {$JAVA_HOME/lib/ext} folder
  • adding security.provider.3=org.bouncycastle.jce.provider.BouncyCastleProvider to the java.security file.

But this still failed.

Any ideas on what I can do differently to succeed in building the BKS repository?

+1
bouncycastle keystore keytool
source share
4 answers

I could not succeed with Keytool. This is exactly what I did to solve the problem: I made a copy of the default debug.keytool file (a keystore like JKS), which was created by Eclipse (Indigo, SR2) automatically when I first started the Android program in Eclipse and uses Portecle (http: //portecle.sourceforge.net/) to convert this to a keystore like BKS. Now this is the tricky part: if now I used the version of debug.keytool BKS instead of the original, I got a "Packaging error in Android" in Eclipse "java.io.IOException: Invalid key store format" whenever I try to run the Android program. However, if I left the original version of the debug.keytool JKS file in the default directory where Eclipse created it, then I could use the BKS version of debug.keytool in the Android / resources / raw Android subdirectory and open Android and recognize This. Jim

+2
source share

This is many years ago, but I am also trying to do it.

The answer is that you have the parameters in the wrong order. The -providerpath parameter must have before the -providerclass parameter.

I hope this helps someone in the future to look for a solution.

+4
source share

An easy alternative is to use Portecle to create a BKS:

  • Download the required Boucycastle provider
  • Replace bcprov.jar in the Portecle installation directory (example: C:\Program Files (x86)\Portecle\bcprov.jar ). The same naming is required.
  • Restart Portecle and create your own BKS supermarket.

Further explanation here .

0
source share

I am trying to establish an SSL connection with certificates, so for support in Android I need to use jks / bks files as a trust store.

So the generated jks file tried SSLSocket connection in android, but throws an exception that jks cannot read. So I have to add Boncycastle Provider for JVM and create BKS using JKS file

Download the Bouncycastle provider Jar file and place it in the following path:

 C:\Program Files\Java\jre1.8.0_191\lib\ext

Update the java.security file by adding a provider for the following file

 C:\Program Files\Java\jre1.8.0_191\lib\security\java.security

Add Provider

 security.provider.12=org.bouncycastle.jce.provider.BouncyCastleProvider

Close the command line and open the execute command to get the bks file, as shown below:

 keytool -importkeystore -srckeystore <input>.jks -destkeystore <required_bks_file_name>.bks -srcstoretype JKS -deststoretype BKS -srcstorepass <jsk file password> -deststorepass <jsk file password> -provider org.bouncycastle.jce.provider.BouncyCastleProvider

Now you can bks the file in your folder.

thanks

0
source share

More articles:


All Articles