InvalidKeyException: Illegal key size issue
When running XPISigner with a PFX generated from SPC & PVK files you may run into the following error…
“unwrapping private key - java.security.InvalidKeyException: Illegal key size”
This may have two causes:
- The unlimited strength policy files are not installed in your
%JAVA_HOME%/jre/lib/security folder. - The PFX that was generated is not well formed. See below for instructions on how to export a correctly formatted PFX from IE.
Exporting a PFX from Internet Explorer
Go to Tools | Internet Options | Content | Certificates
Select your cert/key and click Export…
Choose to export the private key.
On the next screen choose to “Include all certificates in the chain” and “Strong private key protection”
Give it a password and save to a different filename.
Comments
Comment from kevin
Time May 26, 2008 at 1:40 pm
@Mitchell, Sorry it took so long to get back to you. It looks like your key is not exportable. When importing the key there’s usually a checkbox to allow permit the key to re-exported.
Comment from Mitchell Klebel
Time May 7, 2008 at 3:54 pm
I can’t export to a PFX only .CER (DER,Base-64, and .P7B) Why?