Could not generate template spMeta/spExtended XML file using saml2meta

Hi all,

I am trying to generate the spMeta data file using the "saml2meta" utility and received errors. Please help if you know anything about this problem. Thanks very much.

Software: Sun AM version=7 2005Q4 and Sun Web server

The Keystore shows:

keytool -list -keystore keystore.jks -storepass xxx -alias saml2-sign

saml2-sign, Jun 22, 2007, keyEntry,

Certificate fingerprint (MD5): D3:FA:B1:E5:30:F2:4C:5A:28:D8:87:C8:39:9B:37:31

The command I used to generate the template files is:

saml2meta template -u amadmin -w xxx -s nasa/sp -a saml2-sign -f saml2-encrypt -e http://ndmseaudev01.ndc.nasa.gov -m spMeta1.xml -x spExtended1.xml

The error is: Unable to find certificate by cert alias "saml2-sign". I think the tool tries to retrieve the sign private key and failed. Any help would be greatly appreciated. Thanks in advance. - David -

The amSAML debug log has shown:

ERROR: JKSKeyProvider.JKSKeyProvider:

java.lang.NullPointerException

at com.sun.identity.saml.xmlsig.JKSKeyProvider.<init>(JKSKeyProvider.java:136)

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)

at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)

at java.lang.reflect.Constructor.newInstance(Constructor.java:494)

at java.lang.Class.newInstance0(Class.java:350)

at java.lang.Class.newInstance(Class.java:303)

at com.sun.identity.saml2.key.KeyUtil.<clinit>(KeyUtil.java:86)

at com.sun.identity.saml2.meta.SAML2MetaSecurityUtils.buildX509Certificate(SAML2MetaSecurityUtils.java:425)

at com.sun.identity.saml2.meta.SAML2Meta.buildDescriptorTemplate(SAML2Meta.java:968)

at com.sun.identity.saml2.meta.SAML2Meta.runTemplate(SAML2Meta.java:911)

at com.sun.identity.saml2.meta.SAML2Meta.runCommand(SAML2Meta.java:347)

at com.sun.identity.saml2.meta.SAML2Meta.main(SAML2Meta.java:313)

07/03/2007 04:55:52:235 PM CDT: Thread[main,5,main]

ERROR: Unable to get cert alias:saml2-sign

java.security.KeyStoreException: Uninitialized keystore

at java.security.KeyStore.getCertificate(KeyStore.java:787)

at com.sun.identity.saml.xmlsig.JKSKeyProvider.getX509Certificate(JKSKeyProvider.java:177)

at com.sun.identity.saml2.meta.SAML2MetaSecurityUtils.buildX509Certificate(SAML2MetaSecurityUtils.java:425)

at com.sun.identity.saml2.meta.SAML2Meta.buildDescriptorTemplate(SAML2Meta.java:968)

at com.sun.identity.saml2.meta.SAML2Meta.runTemplate(SAML2Meta.java:911)

at com.sun.identity.saml2.meta.SAML2Meta.runCommand(SAML2Meta.java:347)

at com.sun.identity.saml2.meta.SAML2Meta.main(SAML2Meta.java:313)

[2869 byte] By [httpa] at [2007-11-27 9:35:28]
# 1
I found and fixed the problem. The error messages were not helpful at all. After correcting the .storepass and .keypass files, all seems to work fine. David Truong
httpa at 2007-7-12 23:02:39
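
The keytool -list command in the question only exercises the store password typed on the command line; it never reads the .storepass or .keypass files and never uses the key password. The following check is an added example, not part of the original thread or of Access Manager: it walks the same layers in order (store password, alias, certificate, key password) and names the one that fails. The class name KeystoreCheck is hypothetical, and it assumes you enter the plain-text passwords you believe those files should hold.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;

// Added example (hypothetical class): reports which keystore layer rejects the credentials.
public class KeystoreCheck {
    static String check(String path, String alias, char[] storePass, char[] keyPass) {
        KeyStore ks;
        try (InputStream in = new FileInputStream(path)) {
            ks = KeyStore.getInstance("JKS");
            ks.load(in, storePass); // the integrity check uses the store password
        } catch (IOException e) {
            // A wrong store password surfaces as IOException caused by UnrecoverableKeyException.
            return (e.getCause() instanceof UnrecoverableKeyException)
                    ? "FAIL: store password rejected"
                    : "FAIL: cannot read keystore: " + e.getMessage();
        } catch (GeneralSecurityException e) {
            return "FAIL: keystore not loadable: " + e.getMessage();
        }
        try {
            if (!ks.containsAlias(alias)) return "FAIL: alias not present: " + alias;
            if (!ks.isKeyEntry(alias)) return "FAIL: alias is not a key entry: " + alias;
            if (ks.getCertificate(alias) == null) return "FAIL: no certificate for alias: " + alias;
            ks.getKey(alias, keyPass); // the private key is protected by its own password
            return "OK: certificate and private key readable for alias " + alias;
        } catch (UnrecoverableKeyException e) {
            return "FAIL: key password rejected for alias " + alias;
        } catch (GeneralSecurityException e) {
            return "FAIL: " + e;
        }
    }

    public static void main(String[] args) {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage: java KeystoreCheck <keystore.jks> <alias>  (run from a terminal)");
            System.exit(2);
        }
        // Prompt instead of taking passwords as arguments, so they stay out of shell history.
        char[] storePass = console.readPassword("Store password: ");
        char[] keyPass = console.readPassword("Key password: ");
        System.out.println(check(args[0], args[1], storePass, keyPass));
    }
}
```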