B4J Question Problems with B4J's use of certificates

H

hzq200409

Active Member
Licensed User
The certificate I purchased (in Apache format) consists of three files: cert.pem, chain.pem and key.key.
Content of the cert.pem file:
B4X: 
-----BEGIN CERTIFICATE-----
MIIGTw...
-----END CERTIFICATE-----
Content of the chain.pem file:
B4X: 
-----BEGIN CERTIFICATE-----
Mag...
-----END CERTIFICATE-----
I opened and merged them using Notepad (with the certificate content at the beginning and the intermediate chain content at the end), and saved them to a new PEM file(fullchain.pem). Make it look like this:
B4X: 
-----BEGIN CERTIFICATE-----
MIIGTw...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Magja...
-----END CERTIFICATE-----

Then, use OpenSSL to convert it into a PKCS12 format file: jetty.p12
Bash: 
openssl pkcs12 -export -out jetty.p12 -inkey key.key -in fullchain.pem

Then, use the keytool tool in the java-jdk to convert the .p12 file into a .keystore file.
Bash: 
keytool -importkeystore -noprompt -srckeystore jetty.p12 -srcstoretype PKCS12 -srcstorepass password -destkeystore test.keystore -deststorepass password

Finally, use it in B4J like this
B4X: 
Sub Process_Globals
    'CA
    Public SslConfiguration As SslConfiguration
    Public KeystorePassword As String = "myPassword"
    Public KeystoreFilename As String = "test.keystore"
  
    Public srvr As Server
End Sub

Private Sub ConfigureSSL (SslPort As Int)
    SslConfiguration.Initialize
    SslConfiguration.SetKeyStorePath(File.DirApp, KeystoreFilename)
    SslConfiguration.KeyStorePassword = KeystorePassword
    SslConfiguration.KeyManagerPassword = KeystorePassword
    srvr.SetSslConfiguration(SslConfiguration, SslPort)
    srvr.AddFilter("/*", "HttpsFilter", False)
End Sub

Now there is a problem with the operation:
B4X: 
java.util.ServiceConfigurationError: org.eclipse.jetty.util.security.CredentialProvider: module b4j does not declare `uses`
        at java.base/java.util.ServiceLoader.fail(Unknown Source)
        at java.base/java.util.ServiceLoader.checkCaller(Unknown Source)
        at java.base/java.util.ServiceLoader.<init>(Unknown Source)
        at java.base/java.util.ServiceLoader.load(Unknown Source)
        at b4j/org.eclipse.jetty.util.security.Credential.<clinit>(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.newPassword(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePassword(Unknown Source)
        at b4j/anywheresoftware.b4j.object.ServerWrapper$SslContextFactoryWrapper.setKeyStorePassword(Unknown Source)
        at b4j/b4j.example.main._configuressl(Unknown Source)
        at b4j/b4j.example.main._appstart(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent2(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent(Unknown Source)
        at b4j/b4j.example.main.main(Unknown Source)

My B4J version is 10.30 (64-bit)
I'm not sure if this is the result of some mistake I made at a certain step that prevented the program from running.Please help me clarify my doubts, everyone. Thank you.
 
Last edited by a moderator:
Solution
H
The fault has been resolved. This compilation parameter needs to be added.
B4X: 
#Region Project Attributes
    'B4J V10.30 resolves the issue of java.util.ServiceConfigurationError: org.eclipse.jetty.util.security.CredentialProvider: the module b4j does not declare `uses`.
    #PackagerProperty: AdditionalModuleInfoString = uses org.eclipse.jetty.util.security.CredentialProvider;
#End Region
Sort by date Sort by votes
H

hzq200409

Active Member
Licensed User
Erel said:
I've hide the various keys. Better not to post them.

Do you get this error when you run it from the IDE? Or with the standalone package?
Click to expand...
Thank you. It doesn't matter. The information has been de-identified.
Running in DEBUG mode:
B4X: 
java.io.IOException: Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available
    at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2158)
    at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:222)
    at java.base/java.security.KeyStore.load(KeyStore.java:1479)
    at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:49)
    at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1121)
    at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:291)
    at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:213)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
    at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:171)
    at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:121)
    at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:112)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
    at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:171)
    at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:121)
    at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:353)
    at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:75)
    at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:228)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
    at org.eclipse.jetty.server.Server.doStart(Server.java:427)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
    at anywheresoftware.b4j.object.ServerWrapper.Start(ServerWrapper.java:271)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at anywheresoftware.b4a.shell.Shell.runVoidMethod(Shell.java:673)
    at anywheresoftware.b4a.shell.Shell.raiseEventImpl(Shell.java:240)
    at anywheresoftware.b4a.shell.Shell.raiseEvent(Shell.java:167)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at anywheresoftware.b4a.BA.raiseEvent2(BA.java:111)
    at anywheresoftware.b4a.shell.ShellBA.raiseEvent2(ShellBA.java:100)
    at anywheresoftware.b4a.BA.raiseEvent(BA.java:98)
    at b4j.example.main.main(main.java:29)
Caused by: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available
    at java.base/javax.crypto.Mac.getInstance(Mac.java:191)
    at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2136)
    ... 35 more
 
Upvote 0
H

hzq200409

Active Member
Licensed User
I had previously generated both the .jks and .keystore files simultaneously.The .jks and .keystore files are both generated using the same fullchain.pem(/jetty.p12). In debug mode: When running with the .keystore, the above error occurs; however, when using the .jks, there is no error; when compiling into an independent software package using the .jks, the following occurs(The version of Java-JDK used for compilation: jdk-11.0.1):
B4X: 
main._configuressl (java line: -1)
java.util.ServiceConfigurationError: org.eclipse.jetty.util.security.CredentialProvider: module b4j does not declare `uses`
        at java.base/java.util.ServiceLoader.fail(Unknown Source)
        at java.base/java.util.ServiceLoader.checkCaller(Unknown Source)
        at java.base/java.util.ServiceLoader.<init>(Unknown Source)
        at java.base/java.util.ServiceLoader.load(Unknown Source)
        at b4j/org.eclipse.jetty.util.security.Credential.<clinit>(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.newPassword(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePassword(Unknown Source)
        at b4j/anywheresoftware.b4j.object.ServerWrapper$SslContextFactoryWrapper.setKeyStorePassword(Unknown Source)
        at b4j/b4j.example.main._configuressl(Unknown Source)
        at b4j/b4j.example.main._appstart(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent2(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent(Unknown Source)
        at b4j/b4j.example.main.main(Unknown Source)
 
Last edited:
Upvote 0
aminoacid

aminoacid

Active Member
Licensed User
Longtime User
hzq200409 said:
The certificate I purchased (in Apache format) consists of three files: cert.pem, chain.pem and key.key.
Content of the cert.pem file:
B4X: 
-----BEGIN CERTIFICATE-----
MIIGTw...
-----END CERTIFICATE-----
Content of the chain.pem file:
B4X: 
-----BEGIN CERTIFICATE-----
Mag...
-----END CERTIFICATE-----
I opened and merged them using Notepad (with the certificate content at the beginning and the intermediate chain content at the end), and saved them to a new PEM file(fullchain.pem). Make it look like this:
B4X: 
-----BEGIN CERTIFICATE-----
MIIGTw...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Magja...
-----END CERTIFICATE-----

Then, use OpenSSL to convert it into a PKCS12 format file: jetty.p12
Bash: 
openssl pkcs12 -export -out jetty.p12 -inkey key.key -in fullchain.pem

Then, use the keytool tool in the java-jdk to convert the .p12 file into a .keystore file.
Bash: 
keytool -importkeystore -noprompt -srckeystore jetty.p12 -srcstoretype PKCS12 -srcstorepass password -destkeystore test.keystore -deststorepass password

Finally, use it in B4J like this
B4X: 
Sub Process_Globals
    'CA
    Public SslConfiguration As SslConfiguration
    Public KeystorePassword As String = "myPassword"
    Public KeystoreFilename As String = "test.keystore"
 
    Public srvr As Server
End Sub

Private Sub ConfigureSSL (SslPort As Int)
    SslConfiguration.Initialize
    SslConfiguration.SetKeyStorePath(File.DirApp, KeystoreFilename)
    SslConfiguration.KeyStorePassword = KeystorePassword
    SslConfiguration.KeyManagerPassword = KeystorePassword
    srvr.SetSslConfiguration(SslConfiguration, SslPort)
    srvr.AddFilter("/*", "HttpsFilter", False)
End Sub

Now there is a problem with the operation:
B4X: 
java.util.ServiceConfigurationError: org.eclipse.jetty.util.security.CredentialProvider: module b4j does not declare `uses`
        at java.base/java.util.ServiceLoader.fail(Unknown Source)
        at java.base/java.util.ServiceLoader.checkCaller(Unknown Source)
        at java.base/java.util.ServiceLoader.<init>(Unknown Source)
        at java.base/java.util.ServiceLoader.load(Unknown Source)
        at b4j/org.eclipse.jetty.util.security.Credential.<clinit>(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.newPassword(Unknown Source)
        at b4j/org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePassword(Unknown Source)
        at b4j/anywheresoftware.b4j.object.ServerWrapper$SslContextFactoryWrapper.setKeyStorePassword(Unknown Source)
        at b4j/b4j.example.main._configuressl(Unknown Source)
        at b4j/b4j.example.main._appstart(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent2(Unknown Source)
        at b4j/anywheresoftware.b4a.BA.raiseEvent(Unknown Source)
        at b4j/b4j.example.main.main(Unknown Source)

My B4J version is 10.30 (64-bit)
I'm not sure if this is the result of some mistake I made at a certain step that prevented the program from running.Please help me clarify my doubts, everyone. Thank you.
Click to expand...

Try this:

openssl pkcs12 -export -inkey key.key -in chain.pem -out jetty.pkcs12 -passout pass:myPassword

keytool -importkeystore -noprompt -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -srcstorepass myPassword -destkeystore test.keystore -deststorepass myPassword


Ignore warning about "JKS keystore uses a proprietary format"

The keystore file is "test.keystore" with password "myPassword"

If it does not work, create the fullchain.pem file by using COPY and not Notepad:

copy cert.pem+chain.pem fullchain.pem
 
Upvote 0
H

hzq200409

Active Member
Licensed User
The fault has been resolved. This compilation parameter needs to be added.
B4X: 
#Region Project Attributes
    'B4J V10.30 resolves the issue of java.util.ServiceConfigurationError: org.eclipse.jetty.util.security.CredentialProvider: the module b4j does not declare `uses`.
    #PackagerProperty: AdditionalModuleInfoString = uses org.eclipse.jetty.util.security.CredentialProvider;
#End Region
 
Upvote 0
Solution
You must log in or register to reply here.

Similar Threads

Erel
  • Article
B4J Library [server] LetsEncrypt SSL certificates
Replies
12
Views
4K
hatzisn
hatzisn
M
  • Question
B4J Question Problem Encrypting a string using a Public Certificate
Replies
2
Views
1K
M.SALIM
M
Erel
  • Article
B4A Library [B4X] Client certificates with OkHttpUtils2 SSLContext-Kickstart
Replies
11
Views
8K
Culjko
Culjko
alwaysbusy
  • Article
B4J Library ABKeystoreSSL: SSL Certificate generator using Let's Encrypt
2
Replies
20
Views
10K
alwaysbusy
alwaysbusy
Erel
  • Locked
  • Article
B4J Tutorial [Server] SSL Connections
2
Replies
32
Views
33K
Erel
Erel
Top