I am trying to set up an Entrust HSM Connect with the JCE/JCA Provider.
I've completed all the steps in the Guide (https://nshielddocs.entrust.com/connect-ug/12.80/application-interfaces) and now i struggle at "Application Interfaces". I've completed all the parts until generating a new key.
When I prompt the '..InstallationTest' it says that nCipher is correctly installed and is on position 1.
But when i try
java --module-path /opt/nfast/java/classes sun.security.tools.keytool.Main -genkey -storetype nCipher.sworld -keyalg RSA -sigalg SHA1withRSA -storepass <KeyStore_passphrase> -keystore <KeyStore_path>
It prints the following error message:
Exception in thread "main" java.lang.IllegalAccessError: class com.ncipher.nfast.NFKeyModuleObjectTracker (in module com.ncipher.provider.km.nCipherKM) cannot access class java.beans.PropertyChangeSupport (in module java.desktop) because module com.ncipher.provider.km.nCipherKM does not read module java.desktop
at com.ncipher.provider.km.nCipherKM/com.ncipher.nfast.NFKeyModuleObjectTracker.<init>(NFKeyModuleObjectTracker.java:48)
at com.ncipher.provider.km.nCipherKM/com.ncipher.nfast.NFKeyModuleObjectTracker.<clinit>(NFKeyModuleObjectTracker.java:23)
at com.ncipher.provider.km.nCipherKM/com.ncipher.nfast.NFKeyModuleObject.notifyLoaded(NFKeyModuleObject.java:31)
at com.ncipher.provider.km.nCipherKM/com.ncipher.nfast.NFKeyModuleObject.<init>(NFKeyModuleObject.java:26)
at com.ncipher.provider.km.nCipherKM/com.ncipher.km.nfkm.Key.setKeyIDs(Key.java:1557)
at com.ncipher.provider.km.nCipherKM/com.ncipher.km.nfkm.KeyGenerator._generateKey(KeyGenerator.java:1428)
at com.ncipher.provider.km.nCipherKM/com.ncipher.km.nfkm.KeyGenerator.generateUnrecordedKey(KeyGenerator.java:964)
at com.ncipher.provider.km.nCipherKM/com.ncipher.provider.km.nCipherKM.generateKey(nCipherKM.java:728)
at com.ncipher.provider.km.nCipherKM/com.ncipher.provider.km.KMHmacSHA1KeyGenerator.engineGenerateKey(KMHmacSHA1KeyGenerator.java:58)
at com.ncipher.provider.km.nCipherKM/com.ncipher.provider.km.KMKeyStore.engineLoad(KMKeyStore.java:692)
at java.base/java.security.KeyStore.load(KeyStore.java:1479)
at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:987)
at java.base/sun.security.tools.keytool.Main.run(Main.java:412)
at java.base/sun.security.tools.keytool.Main.main(Main.java:405)
I am using the Amazon Corretto Java version, maybe this is the problem? But normally Corretto is compatible with the Oracle version?
Does anyone know how to fix this error? I already tried a lot of things but none of them worked.
Thanks in advance.
I was able to solve the issue by simpling giving the command
keytool -genkey -alias <keyalias> -keyalg <algorithm> -sigalg <signingAlgorithm> -keysize <keysize> -keystore nCipher.sworldThat created the keystore like i wanted - sadly this was not mentioned in the manual.