RSA key + certificate chain (using bouncy castle?)

Hi all,

I’m developing a plugin for the “Bosch Smart Home” system and I’m having good progress with it. I am at a point where almost everything is working and I’m in the progress of cleaning it up for a merge with the openhab repo.

What’s currently missing is the initial bootstrapping of the connection to the Bosch Smart Home Gateway. I have been using a Java Keystore so far, which I hand-crafted myself using command line tools.

The keystore needs to contain a RSA private key and a certificate for it. I have been reading online that two common ways to setup the Certificate chain are:

  1. bouncy castle
  2. a solution based on sun’s security packages: https://www.pixelstech.net/article/1408524957-Generate-certificate-in-Java----Store-certificate-in-KeyStore

Unfortunately, I cannot get any of them to work.

For 2) it seems these dependencies are not used anywhere else in OpenHab.

For 1)
If I try to use the bouncy castle code, I cannot get maven to compile my code (I’m a complete Maven noob, so I might be missing something obvious).

I have copied stuff from openhab-core/bundles/org.openhab.core.io.jetty.certificate/pom.xml, which also seems to be using it, into my own pom file but it still won’t compile:

[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  7.111 s
[INFO] Finished at: 2020-04-04T14:36:52+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-shade-plugin:3.2.1:shade (default) on project org.openhab.binding.boschshc: Error creating shaded jar: Invalid signature file digest for Manifest main attributes -> [Help 1]

Any ideas on how to proceed from here. It’s very frustrating, because it works flawlessly on my own installation at home and my motivation to to spend even more time on this without any visible progress is dwindling :slight_smile:

Here is my code:

I have to implement generate_certificate and the loop here

So close! :sleepy:

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.