Discuss the FTP protocol, secure FTP, FTP over SSH and FTP over SSL.
no avatar
User

royayala

Posts

7

Joined

Tue Sep 09, 2008 7:40 am

Location

San Diego, California

Error with new IBM mainframe cerificate

by royayala » Tue Jul 09, 2013 4:54 am

I am using edtFTPj/PRO to send files to an IBM mainframe. We have a new certificate that was issued by the mainframe and it appears to be a good certificate. The new certificate looks very much like the one we are using successfully in production.

I am getting the following error and I am looking for direction on how to fix it.

com.enterprisedt.cryptix.CryptixException: PKCS#5: Invalid number of padding bytes


My full screen shot is below:

[sv-wm-d@appedxdv1 IntegrationServer]$ java com.egateway.MF.wmPush2MF_new /app/data/sv-wm-d/test/roy "'PG17678.TEST.EDI.INB.DASR.MAP.EDIX.TEST'" SYSA-FTP.SDGE.COM QEDIXFTP A /app/dv/webMethods82/IntegrationServer/QEDIXFTP.CERT4South.pem P
Setting SSL debugging to :all
CLIENT KEY FILENAME /app/dv/webMethods82/IntegrationServer/QEDIXFTP.CERT4South.pem
Creating FTPS (explicit) client
host=SYSA-FTP.SDGE.COM
username=QEDIXFTP
serverCertFilename=/app/dv/webMethods82/IntegrationServer/QEDIXFTP.CERT4South.pem
clientKeyFilename=/app/dv/webMethods82/IntegrationServer/QEDIXFTP.CERT4South.pem
clientKeyPassword=QEDIXFTP
action, code=P
action, append=false
absolutePath=/app/data/sv-wm-d/test/roy
com.enterprisedt.cryptix.CryptixException: PKCS#5: Invalid number of padding bytes
at com.enterprisedt.cryptix.provider.padding.PKCS5.engineUnpad(PKCS5.java:129)
at xjava.security.PaddingScheme.unpad(PaddingScheme.java:325)
at xjava.security.Cipher.a(Cipher.java:1468)
at xjava.security.Cipher.crypt(Cipher.java:1156)
at xjava.security.Cipher.crypt(Cipher.java:1116)
at com.enterprisedt.net.puretls.crypto.a.a(PEMData.java:139)
at com.enterprisedt.net.puretls.crypto.EAYEncryptedPrivateKey.createPrivateKey(EAYEncryptedPrivateKey.java:59)
at com.enterprisedt.net.puretls.SSLContext.loadEAYKeyFile(SSLContext.java:287)
at com.enterprisedt.net.puretls.SSLContext.loadEAYKeyFile(SSLContext.java:239)
at com.enterprisedt.net.ftp.ssl.SSLFTPClient.loadClientCertificate(SSLFTPClient.java:1243)
at com.egateway.MF.wmPush2MF_new.main(wmPush2MF_new.java:116)
com.enterprisedt.cryptix.CryptixException: PKCS#5: Invalid number of padding bytes
at com.enterprisedt.cryptix.provider.padding.PKCS5.engineUnpad(PKCS5.java:129)
at xjava.security.PaddingScheme.unpad(PaddingScheme.java:325)
at xjava.security.Cipher.a(Cipher.java:1468)
at xjava.security.Cipher.crypt(Cipher.java:1156)
at xjava.security.Cipher.crypt(Cipher.java:1116)
at com.enterprisedt.net.puretls.crypto.a.a(PEMData.java:139)
at com.enterprisedt.net.puretls.crypto.EAYEncryptedPrivateKey.createPrivateKey(EAYEncryptedPrivateKey.java:59)
at com.enterprisedt.net.puretls.SSLContext.loadEAYKeyFile(SSLContext.java:287)
at com.enterprisedt.net.puretls.SSLContext.loadEAYKeyFile(SSLContext.java:239)
at com.enterprisedt.net.ftp.ssl.SSLFTPClient.loadClientCertificate(SSLFTPClient.java:1243)
at com.egateway.MF.wmPush2MF_new.main(wmPush2MF_new.java:116)
no avatar
User

support2

Posts

3987

Joined

Tue May 18, 2004 8:30 am

Re: Error with new IBM mainframe cerificate

by support2 » Tue Jul 09, 2013 10:24 am

I'm not sure why you are using the same certificate file for both the client and the server certificate. Could you please explain what you are trying to do?
no avatar
User

royayala

Posts

7

Joined

Tue Sep 09, 2008 7:40 am

Location

San Diego, California

by royayala » Wed Jul 10, 2013 3:18 am

I am trying to setup a TLS file transfer from our Linux server to an IBM mainframe. We have a working setup between our AIX server and the same IBM mainframe. The mainframe provided a PKCS12 file (Binary format that had a client certificate, a server CA signed certificate and a private key all in one file). We used opensll to convert this PKCS12 format into a PEM format. Please note this is exactly what we did for the working setup we have on AIX. The conversion to PEM worked as expected.

So we are using the same certificate file for both the client and the server certificate in our working setup between AIX and the mainframe. We have been using this setup using edtFTPj/PRO for the past 5 years successfully. I want to use the same approach of using a certificate file for both the client and the server certificate for the new Linux to mainframe setup. The certificate we are tyring to use for Linux to the mainframe is a new certificate and it is not the same certificate we are using for the AIX to mainframe transfers.

I have searched on Google for an explanation of the error message "com.enterprisedt.cryptix.CryptixException: PKCS#5: Invalid number of padding bytes" but have not found any useful information. I am asking for vendor support (EDT) to provide a solution or a direction on how to correct the issue I am having.

Please let me know if you require any other information.
no avatar
User

royayala

Posts

7

Joined

Tue Sep 09, 2008 7:40 am

Location

San Diego, California

I reviewed the Java code which I copied here.

by royayala » Wed Jul 10, 2013 7:57 am

no avatar
User

support2

Posts

3987

Joined

Tue May 18, 2004 8:30 am

Re: I reviewed the Java code which I copied here.

by support2 » Wed Jul 10, 2013 9:40 am

no avatar
User

sanwal

Posts

2

Joined

Fri Oct 10, 2014 9:35 pm

Re: Error with new IBM mainframe cerificate

by sanwal » Fri Oct 10, 2014 9:39 pm

have issues using the FileManager plug in for "Windows" type users.

When I login I'm redirected to my home virtual folder via the standard listing templates, and all my subfolders work correctly, however I'm not redirected automatically to the /FileManager/ plugin.

If I manually try to enter the the the /FileManager/ plugin path I get the following error:

Who is online

Users browsing this forum: No registered users and 3 guests

Powered by phpBB ® | phpBB3 Style by KomiDesign
cron