InvalidKeyException: Illegal key size issue
August 3rd, 2007
When running XPISigner with a PFX generated from SPC & PVK files you may run into the following error…
“unwrapping private key – java.security.InvalidKeyException: Illegal key size”
This may have two causes:
- The unlimited strength policy files are not installed in your
%JAVA_HOME%/jre/lib/security folder. - The PFX that was generated is not well formed. See below for instructions on how to export a correctly formatted PFX from IE.
Exporting a PFX from Internet Explorer
Go to Tools | Internet Options | Content | Certificates
Select your cert/key and click Export…
Choose to export the private key.
On the next screen choose to “Include all certificates in the chain” and “Strong private key protection”
Give it a password and save to a different filename.
I can’t export to a PFX only .CER (DER,Base-64, and .P7B) Why?
@Mitchell, Sorry it took so long to get back to you. It looks like your key is not exportable. When importing the key there’s usually a checkbox to allow permit the key to re-exported.