Log In
Register
Topic RSS
18:38, EEST
August 5, 2025
Offline
Hi, I am creating an instance of a `UaServer` this way:
var newServer = new UaServer();
ApplicationDescription appDescription = new ApplicationDescription();
appDescription.setApplicationName(new LocalizedText(“SimpleServer”, Locale.ENGLISH));
appDescription.setApplicationUri(“urn:localhost:UA:SimpleServer”);
appDescription.setProductUri(“urn:prosysopc.com:UA:SimpleServer”);
appDescription.setApplicationType(ApplicationType.Server);
ApplicationIdentity identity = ApplicationIdentity.loadOrCreateCertificate(
appDescription,
“MyCompany”, // Organization
null, // Common Name for certificate
null, // Hostname override
true // Create if missing
);
newServer.setApplicationIdentity(identity);
newServer.addUserTokenPolicy(UserTokenPolicies.ANONYMOUS);
newServer.init();
Everything seemed to work fine, until I noticed that on a few PCs I get the error:
com.prosysopc.ua.SecurityIndetityException: Private key cannot be loaded from file SimpleServer_2048.pem
at com.prosysopc.ua.ApplicationIdentity.loadOrCreateKeyPair(SourceFile:930)
Caused by: java.io.IOException: Short read of DER length
at java.base/sun.security.util.DerInputStream.getLength(DerInputStream.java:588)
at java.base/sun.security.util.DerValue.init(DerValue.java:390)
at java.base/sun.security.util.DerValue.(DerValue.java:331)
at java.base/sun.security.util.DerValue.(DerValue.java:344)
at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1993)
at java.base/java.security.KeyStore.load(KeyStore.java:1479)
at com.prosysopc.ua.stack.utils.CertificateUtils.loadFromKeyStore(SourceFile:660)
at com.prosysopc.ua.stack.transport.security.PrivKey.loadFromKeyStore(SourceFile:200)
at com.prosysopc.ua.stack.transport.security.PrivKey.loadFromKeyStore(SourceFile:183)
at com.prosysopc.ua.ApplicationIdentity.loadOrCreateKeyPair(SourceFile:925)
any idea on where the issue might be? The certificates are created by the SDK and never touched by any other process.
Thanks!
13:49, EEST
April 3, 2012
Offline
Hi,
What SDK version you are using?
Any option you could send one of the .pem to jsdk-support@prosysopc.com?
Alternatively, you could try loading them manually using (exactly these methods) com.prosysopc.ua.stack.utils.FileUtil.readFile(File) and then PrivKey.load(byte[], null) on the returned byte[]. This should throw an Exception that might help to explain what happened. In the loadOrCreate there is a fallback to try in another format (loadFromKeyStore), and the posted error is from that, but it failed before that (that would output a DEBUG level log only) because SDK writes them in format the load(..) should be able to load.
So my guess would be that somehow the writing of the .pem didn’t work or it got corrupted somehow (or the filesystem did it afterwards somehow). SDK doesn’t load them back on the method call that created them, it would only fail on the next call.
Also as a sidenote, unless I missed something, you are calling https://documentation.prosysopc.com/JSDK/javadoc/com/prosysopc/ua/ApplicationIdentity.html#loadOrCreateCertificate-com.prosysopc.ua.stack.core.ApplicationDescription-java.lang.String-java.lang.String-java.io.File-boolean-java.lang.String…-
whose signature is
loadOrCreateCertificate(ApplicationDescription applicationDescription, String organisation, String privateKeyPassword, File path, boolean enableRenew, String… hostNames) so your comments on the parameters are wrong. You give a null File as the folder where the keys would be stored so they become relative Files instead so it is possibly dependent on how your application is executed could the previously created be found. The boolean enableRenew means SDK will attemt to re-create the certificate if it expires. By default the certificates SDK creates are valid for 10 years. Thus, I think that has not happened yet.
1 Guest(s)
