0

I am configuring wso2-emm, the step which I stuck in is android configuation, as it said in tutorial :

If the SSL certificate is self signed, use the CA certificate PEM file that is generated for iOS to create a BKS file that is compatible with Android

I follow the instruction about iOS, but it create .jks file not .bks file which is required for android. I try to convert .jks file to .bks using Portecle but I get the following error: 

java.security.UnrecoverableKeyException : Cannot recover key.

How can i create a BKS file that is compatible with Android?

Community
  • 1
  • 1
user3806649
  • 1,257
  • 2
  • 18
  • 42

3 Answers3

2

Please follow these steps: step 2 to step 8 https://docs.wso2.com/display/EMM110/iOS+Server+Configurations#iOSServerConfigurations-step2

After that, you can generate the BKS file using following command:

keytool -noprompt -import -v -trustcacerts -alias 'openssl x509 -inform PEM -subject_hash -noout -in ca_cert.pem' -file ca_cert.pem -keystore emm_truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-146.jar -storepass 'wso2carbon'

Note: you need to have bcprov-jdk16-146.jar in the folder in order to generate above bks file

Once you generate it copy emm_truststore.bks to Android res/raw folder. In android source code CommonUtilities.java change SERVER_PORT to 9443 and SERVER_PROTOCOL to https://

Chatura Dilan
  • 1,502
  • 1
  • 16
  • 29
  • thanks @Chatura, I follow the instruction, but when I run the final command I get this error : `Illegal option: x509` – user3806649 Apr 10 '15 at 19:14
  • You probably have done something wrong when generating keys. I have tested it and it worked. please repeat the steps and make sure you are not getting any errors. – Chatura Dilan Apr 11 '15 at 04:12
  • I repeat the steps, but I get same error. here is the [link](ceit.aut.ac.ir/~9031020/CA certificate PEM file.docx) of steps that I have done with the ir resault. what is the differnce between keystore password and keystore key password in level 8th in tutorial (7th in mine) – user3806649 Apr 11 '15 at 09:03
  • I run this command instead `keytool -noprompt -import -v -trustcacerts -alias "openssl x509 -inform PEM -subject_hash -noout -in ca_cert.pem" -file ca_cert.pem -keystore emm_truststore.bks -storetype BKS -providerclass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-146.jar -storepass 'wso2carbon'` but when I try to export the project as an Android application I get `Invalid keystore format` ! – user3806649 Apr 11 '15 at 09:47
  • Please refer to the docs, I have mentioned in the answer and please make sure Certificate Authority (CA) and Registration Authority (RA) certificates should be created as version 3 certificates as mentioned in the docs – Chatura Dilan Apr 11 '15 at 12:33
  • I follow the doc steps and your instruction afterward, as you can see each step screen shot in this [link](http://1drv.ms/1aBbm73), but I really got stuck in this stage and I would appricate your help. – user3806649 Apr 11 '15 at 15:14
  • You don't want to use those keys you have generated to export the Android project. You can use a new key pair as mention in Android docs to export the project. http://developer.android.com/tools/publishing/app-signing.html – Chatura Dilan Apr 12 '15 at 11:53
0

One problem is that the password for reading the private key is wrong. Have you used the same password for the keystore and the key-entry?

Another problem may be that the BouncyCastle library has changed the BKS file format some years ago - therefore you need the old Bouncycastle version.

Android uses the old BKSv1 which can be created by KeyStore Explorer.

Robert
  • 39,162
  • 17
  • 99
  • 152
0

I think it's not possible to directly convert jks file to bks format using Portecle. But you can use the key file & pem file generated for obtaining CA certificate for iOS. For that you'll need to create a new keystore of BKS format using Portecle & then import the pem file for the keypair & then the key file afterwards.

Harshan Liyanage
  • 148
  • 5