Expand my Community achievements bar.

Who Me Too'd this topic


Level 3


I have created a OSGi service to generate JWT to connect ACS REST API. Following is my code

// Expiration time in seconds

        Long expirationTime = 86400L;

        // Metascopes associated to key

        String metascopes[] = new String[]{"ent_campaign_sdk"};

        String imsHost = "ims-na1.adobelogin.com";

        // Secret key as byte array. Secret key file should be in DER encoded format.

        byte[] privateKeyFileContent = Files.readAllBytes(Paths.get("/Users/divyas/Desktop/key/private.key"));

        // Create the private key

        KeyFactory keyFactory = KeyFactory.getInstance("RSA");

        KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);

        RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

        // Create JWT payload

        Map jwtClaims = new HashMap<>();

        jwtClaims.put("iss", ORG_ID);

        jwtClaims.put("sub", TECHNICAL_ACC_ID);

        jwtClaims.put("exp", expirationTime);

        jwtClaims.put("aud", "https://" + imsHost + "/c/" + API_KEY);

        for (String metascope : metascopes) {

            jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);



        // Create the final JWT token

        String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(RS256, privateKey).compact();

i have stored private.key and certificate in my local and referring in service. But i am getting following error

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: invalid key format

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:217)

at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)

Caused by: java.security.InvalidKeyException: invalid key format

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:331)

at sun.security.pkcs.PKCS8Key.decode(PKCS8Key.java:357)

at sun.security.rsa.RSAPrivateCrtKeyImpl.<init>(RSAPrivateCrtKeyImpl.java:91)

at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(RSAPrivateCrtKeyImpl.java:75)

at sun.security.rsa.RSAKeyFactory.generatePrivate(RSAKeyFactory.java:316)

at sun.security.rsa.RSAKeyFactory.engineGeneratePrivate(RSAKeyFactory.java:213)

am i missing any step? should i add my public certificate locally in cacerts?

Help me in this.

Thanks in advance


Who Me Too'd this topic