Cannot generate certificate using CLI (characters not permissible error)


When I try to generate a certificate using the cli:

tizen certificate -a certAuthor -f certFile -p 12345

I got the following output:

No path option. Will be generated on '/tizen/sdk-data/keystore/author'.
Working path: /tizen/sdk-data/keystore/author
Generating a certificate with
  File name = certFile
  Container Password = *****
  Alias = certAuthor
  Key Password = *****
  Internal Certificates Directory = /tizen/sdk/tools/certificate-generator

When I check /tizen/sdk-data/cli/logs/cli.log, I find this:

2019-03-08 16:27:36,661 [TRACE] - Start running Tizen CLI Main class...
2019-03-08 16:27:36,664 [TRACE] - Argument count:9
2019-03-08 16:27:36,679 [TRACE] - Start certificate generation.
2019-03-08 16:27:36,679 [TRACE] - [Argument] Alias: certAuthor, Password: 12345
2019-03-08 16:27:36,679 [TRACE] - [Argument] Filename: certFile
2019-03-08 16:27:36,679 [TRACE] - [Argument] Country: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] State: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] City: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] Organization: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] Organization Unit: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] Email: null
2019-03-08 16:27:36,680 [TRACE] - [Argument] Name: null
2019-03-08 16:27:36,680 [TRACE] - Current working directory: /tizen/sdk-data/keystore/author
2019-03-08 16:27:36,786 [ERROR] - Exception caught.pkcsKeyStore path string should not have special characters not permissible in unix type file system
org.tizen.ncli.exceptions.UnexpectedException: Exception caught.pkcsKeyStore path string should not have special characters not permissible in unix type file system
at org.tizen.ncli.subcommands.AbstractSubCommand.runCommand(
I don't see any special characters in my request, so I don't understand the error. You guys have any hints on this ?
Edited by: Clément Aymard on 12 Mar, 2019
View Selected Answer


4 Replies
Clément Aymard

I resolved my error, but I hit another one, when signing a package ; it told me that I have a invalid password. The thing is my password is correct, I double check it, the security profile is added and activated. You have below the commands I run, then the error is sdk-data/cli/logs/cli.log


tizen3@ce15fdae1572:~/testProject$ tizen security-profiles add -n testCertif -a $PWD/certFile.p12 -p 12345
Loaded in '/tizen3/sdk-data/profile/profiles.xml'.
author path: /tizen3/testProject/certFile.p12
author password: *****
distributor1 path: /tizen3/sdk/tools/certificate-generator/certificates/distributor/tizen-distributor-signer.p12
distributor1 password: *************************
distributor1 CA path: /tizen3/sdk/tools/certificate-generator/certificates/distributor/tizen-distributor-ca.cer

Wrote to '/tizen3/sdk-data/profile/profiles.xml'.
Succeed to add 'testCertif' profile.
If want to sign by this, add the file of security profiles in CLI configuration
  like 'tizen cli-config "profiles.path=/tizen3/sdk-data/profile/profiles.xml"'.
tizen3@ce15fdae1572:~/testProject$ tizen cli-config "profiles.path=/tizen3/sdk-data/profile/profiles.xml"
Setting configuration is succeeded....
tizen3@ce15fdae1572:~/testProject$ tizen security-profiles set-active -n testCertif
Loaded in '/tizen3/sdk-data/profile/profiles.xml'.
Wrote to '/tizen3/sdk-data/profile/profiles.xml'.
Succeed to set 'testCertif' profile as active.
tizen3@ce15fdae1572:~/testProject$ tizen security-profiles list
Loaded in '/tizen3/sdk-data/profile/profiles.xml'.
[Profile Name]      [Active]
testCertif          O
tizen3@ce15fdae1572:~/testProject$ tizen package -t wgt -s testCertif -o . -- $PWD
An error has occurred. See the log file tizen-sdk/tools/ide/cli.log.


2019-03-18 12:56:22,637 [TRACE] - Start running Tizen CLI Main class...
2019-03-18 12:56:22,640 [TRACE] - Argument count:11
2019-03-18 12:56:22,661 [TRACE] - Execute PackageCLI...
2019-03-18 12:56:22,661 [TRACE] - getRealWorkingPath: /tizen3/testProject
2019-03-18 12:56:23,101 [ERROR] - org.tizen.common.sign.exception.CertificationException: Invaild password
java.lang.IllegalStateException: org.tizen.common.sign.exception.CertificationException: Invaild password
at org.tizen.common.core.command.policy.UncaughtExceptionHandlingPolicy.uncaughtException(
at org.tizen.common.core.command.Executor.execute(
at org.tizen.common.core.command.Executor.execute(
at org.tizen.ncli.subcommands.sign.SignCLICommand.getSigningProfile(
at org.tizen.ncli.subcommands.AbstractSubCommand.runCommand(
at org.tizen.ncli.subcommands.AbstractSubCommand.runCommand(
Caused by: org.tizen.common.sign.exception.CertificationException: Invaild password
at org.tizen.common.sign.command.ReadSigningProfileFileCommand.checkPkcs12Password(
at org.tizen.common.sign.command.ReadSigningProfileFileCommand.validateSigningInfo(
at org.tizen.common.core.command.Executor.execute(
... 13 more
2019-03-18 12:56:23,104 [ERROR] - org.tizen.common.sign.exception.CertificationException: Invaild password
Mark as answer

It seems Tizen Studio bug.

You can work around the error by

1. specifying the exact password strings (for author and distributer) in the profiles.xml.

2. or create the profile using GUI.


Clément Aymard

Thank you Kim.

I know the author password, but I don't know the distributer password, how can I find or reset it ?

I'm looking to do it 100% CLI, so I can't use the GUI.

Clément Aymard

I found the error. As I was in a container, there was so keyring. But Tizen SDK stores the certificates password in a keyring.

To resolve that, I wrote the password strings in profiles.xml, as you said Kim. Thank you.

For the distributor password, I could find it in the keyring of my PC.