Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: step certificate install --java fails with exit status 1 #2024

Open
cowwoc opened this issue Oct 8, 2024 · 3 comments
Open

[Bug]: step certificate install --java fails with exit status 1 #2024

cowwoc opened this issue Oct 8, 2024 · 3 comments
Assignees
@hslatman
Labels
bug needs triage Waiting for discussion / prioritization by team

Comments

@cowwoc
Copy link

cowwoc commented Oct 8, 2024
edited
Loading

Steps to Reproduce

Run step certificate install root_ca.crt --java --no-system

Your Environment

  • OS - Microsoft Windows [Version 10.0.19045.4894]
  • step-ca Version -
Smallstep CLI/0.27.4 (windows/amd64)
Release Date: 2024-09-13T17:37:59Z

Expected Behavior

Truststore to be updated

Actual Behavior

failed to execute "C:\Program Files\Java\zulu-21\bin\keytool.exe -importcert -noprompt -keystore C:\Program Files\Java\zulu-21\lib\security\cacerts -storepass changeit -file C:\Users\Gili\AppData\Local\Temp\truststore.1319194278.pem -alias step-ca Root CA 105762468571059453893283164350196192992" failed with: exit status 1

Additional Context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@cowwoc cowwoc added bug needs triage Waiting for discussion / prioritization by team labels Oct 8, 2024
@cowwoc
Copy link
Author

cowwoc commented Oct 8, 2024

I suspect that the failure is caused by the fact that paths with spaces are not being quoted, but I don't know of a way to check if this is the case. The created pem file is deleted on failure so I cannot run the command-line directly.

@hslatman
Copy link
Member

hslatman commented Oct 8, 2024
edited
Loading

It seems you're using "Azul Zulu" Java? Do C:\Program Files\Java\zulu-21\bin\keytool.exe and C:\Program Files\Java\zulu-21\lib\security\cacerts actually exist, and are they in those locations?

The PEM that is created is a temporary file with the root CA certificate contents in it. You can specify that file directly instead to test the command.

@cowwoc
Copy link
Author

cowwoc commented Oct 8, 2024
edited
Loading

  1. I converted root_ca.crt to root_ca.pem using openssl x509 -in "%HOMEPATH%\.step\certs\root_ca.crt" -out "%HOMEPATH%\.step\certs\root_ca.pem" -outform PEM
  2. I replaced the temporary file with root_ca.pem as you suggested.
  3. The command failed due to spaces in the paths (i.e. 'C:\Program' is not recognized as an internal or external command, operable program or batch file.)
  4. I added quotes around the path of the executable, the path of cacerts, and the value of the certificate alias. Once that was done, the command worked.

So to recap: it seems that you have a bug on Windows. The tool needs to surround those 3 elements in quotes.

@hslatman hslatman self-assigned this Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hslatman hslatman

Labels
bug needs triage Waiting for discussion / prioritization by team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cowwoc @hslatman