TextSecure 信号服务器 - 证书错误

Question

我试图根据此处的指南部署 Signal Server。 Link

构建部分一切顺利。但是当我使用这个命令运行服务时

java -jar service/target/TextSecureServer-3.21.jar server service/config/config.yml

我遇到了以下错误。

INFO  [2020-09-10 04:52:48,319] io.dropwizard.server.DefaultServerFactory: Registering jersey handler with root path prefix: /
INFO  [2020-09-10 04:52:48,320] io.dropwizard.server.DefaultServerFactory: Registering admin handler with root path prefix: /
org.bouncycastle.openssl.PEMException: problem parsing cert: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
    at org.bouncycastle.openssl.PEMReader$X509CertificateParser.parseObject(Unknown Source)
    at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
    at org.whispersystems.textsecuregcm.push.RetryingApnsClient.initializeCertificate(RetryingApnsClient.java:76)
    at org.whispersystems.textsecuregcm.push.RetryingApnsClient.<init>(RetryingApnsClient.java:49)
    at org.whispersystems.textsecuregcm.push.APNSender.<init>(APNSender.java:70)
    at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:246)
    at org.whispersystems.textsecuregcm.WhisperServerService.run(WhisperServerService.java:151)
    at io.dropwizard.cli.EnvironmentCommand.run(EnvironmentCommand.java:44)
    at io.dropwizard.cli.ConfiguredCommand.run(ConfiguredCommand.java:87)
    at io.dropwizard.cli.Cli.run(Cli.java:78)
    at io.dropwizard.Application.run(Application.java:94)
    at org.whispersystems.textsecuregcm.WhisperServerService.main(WhisperServerService.java:406)
Caused by: java.security.cert.CertificateException: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
    at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source)
    at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
    ... 12 more
Caused by: java.lang.IllegalArgumentException: unknown object in factory: org.bouncycastle.asn1.DERUnknownTag
    at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source)
    at org.bouncycastle.asn1.x509.TBSCertificateStructure.<init>(Unknown Source)
    at org.bouncycastle.asn1.x509.TBSCertificateStructure.getInstance(Unknown Source)
    at org.bouncycastle.asn1.x509.X509CertificateStructure.<init>(Unknown Source)
    at org.bouncycastle.asn1.x509.X509CertificateStructure.getInstance(Unknown Source)
    at org.bouncycastle.jce.provider.JDKX509CertificateFactory.readDERCertificate(Unknown Source)
    ... 14 more

有人知道这里的确切问题吗？

我也没有在 zkConfig 下更改 serverSecret 和 serverPublic。 （我不知道如何获得这些）。 * # zkgroup config, run using your build jar * as in the documentation 是什么意思？

Answer 1

问题解决了。此异常是由于读取 cerKey 文件的 PEM 格式不正确造成的。无论如何，当前的 crtKey 形式只是 PEM，但它需要 PEM 的扩展形式。

我使用下面的命令来生成它。

openssl rsa -in cert.key -outform PEM -out cert.key   

 

然后以上所有错误都消失了。

Answer 2

我确实输入了上面的命令，但我得到了这个错误

无法打开 cert.key 进行读取，没有这样的文件或目录 140021811573184:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:72:fopen('cert.key','r') 140021811573184：错误：2006D080：BIO 例程：BIO_new_file：没有这样的文件：../crypto/bio/bss_file.c:79： 无法加载私钥

我尽我所能生成了我可以在 Internet 上找到的各种证书，但结果没有任何变化。你能告诉我该怎么做吗？这对我来说很重要。非常感谢