Google Wave FedOne server certificate key fun (not!)
by bear
So, part of my lunch time fun task was to try and get the latest Google Wave FedOne server code working against one of my XMPP servers - sure, no problem, i’m an “XMPP Guru” right…
Yea, except for the damn thing is written in Java so any error message involves spelunking thru 3 screens worth of tracebacks :)
For example, I was trying to startup the server and kept getting this error:
Exception in thread "main" com.google.inject.ProvisionException: Guice
provision errors:
1) Error injecting constructor, java.lang.ArrayIndexOutOfBoundsException: -126
at org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider.<init>(WaveSignerProvider.java:60)
at org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider.class(WaveSignerProvider.java:39)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider
while locating org.waveprotocol.wave.crypto.WaveSigner
for parameter 1 at org.waveprotocol.wave.examples.fedone.waveserver.CertificateManagerImpl.<init>(CertificateManagerImpl.java:76)
while locating org.waveprotocol.wave.examples.fedone.waveserver.CertificateManagerImpl
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerModule.configure(WaveServerModule.java:79)
while locating org.waveprotocol.wave.examples.fedone.waveserver.CertificateManager
for parameter 0 at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl.<init>(WaveServerImpl.java:395)
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl.class(WaveServerImpl.java:65)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerModule.configure(WaveServerModule.java:81)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveServer
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveletFederationProvider
annotated with @org.waveprotocol.wave.examples.fedone.waveserver.FederationHostBridge()
for parameter 0 at org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost.<init>(XmppFederationHost.java:60)
at org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost.class(XmppFederationHost.java:45)
while locating org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost
for parameter 7 at org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent.<init>(WaveXmppComponent.java:159)
at org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent.class(WaveXmppComponent.java:54)
while locating org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent1 error
at com.google.inject.internal.InjectorImpl$4.get(InjectorImpl.java:770)
at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:796)
at org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:61)
at org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:50)
Caused by: java.lang.ArrayIndexOutOfBoundsException: -126
at org.apache.commons.codec.binary.Base64.isBase64(Base64.java:137)
After foolishly trying to Google for that Java exception (lots of hits with nothing to do with Google Wave) I figured - let me go read the instructions again…
Buried (well, ok, not buried but still it is at the bottom of the page) on this Certificates page, which is linked from the install page, is a command line example that holds the key clue:
openssl pkcs8 -topk8 -nocrypt -out ssl.key.der < ssl.key.pem
I also had to convert the certificate from PEM:
openssl x509 -in ssl.cert.pem -inform PEM -out ssl.cert.der -outform DER
and to be safe/certain, I stored both of them local to the wave component.
The code is expecting the key and the certificate to be in PKCS8-PEM format and not just plain PEM format. Hope this helps someone find the solution faster than I did :)
note: edited to include more detail on the openssl commands to convert key and certificate