Java client auto-enrollment fails if certificate in the pool on server has a large serial number
Originally Published: 2010-05-12
Article Number
Applies To
Issue
During auto-enrollment, if the certificate returned from the pool on server has a large serial number such as "13590587702563758033", the client will fail auto-enrollment with the following exception:
Exception in thread "main" java.lang.NumberFormatException: For input string: "13590587702563758033"
at java.lang.NumberFormatException.forInputString(Unknown Source)
at java.lang.Integer.parseInt(Unknown Source)
at java.lang.Integer.valueOf(Unknown Source)
at com.rsa.kmc.w.bm.a(Unknown Source)
at com.rsa.kmc.w.B.a(Unknown Source)
at com.rsa.kmc.w.W.a(Unknown Source)
at com.rsa.kmc.w.ap.a(Unknown Source)
at com.rsa.kmc.w.ap.a(Unknown Source)
at com.rsa.kmc.w.bn.a(Unknown Source)
at com.rsa.kmc.w.Q.a(Unknown Source)
at com.rsa.kmc.w.Q.b(Unknown Source)
at com.rsa.kmc.w.Q.a(Unknown Source)
at com.rsa.kmc.KMConfig.c(Unknown Source)
at com.rsa.kmc.KMConfig.a(Unknown Source)
at com.rsa.kmc.KMConfig.<init>(Unknown Source)
at com.target.EnrollKM.main(EnrollKM.java:23)
RKM Java Client 2.7 sample getKeyByKeyClass shows the following (with client.autoenroll_enable set to true):
D:\RSA\KeyManager\2.7\2.7.0\Java client\rkmc>ant run.getKeyByKeyClass
Buildfile: build.xml
run.getKeyByKeyClass:
compile:
[javac] Compiling 46 source files to D:\RSA\KeyManager\2.7\2.7.0\Java client\rkmc\gen\classes
-check.class.name:
run:
[java] Running Sample GetKeyByKeyClass
[java] Exception in thread "main" java.lang.NumberFormatException: For input string: "13590587702563757983"
[java] at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
[java] at java.lang.Integer.parseInt(Integer.java:461)
[java] at java.lang.Integer.valueOf(Integer.java:554)
[java] at com.rsa.kmc.w.bm.a(Unknown Source)
[java] at com.rsa.kmc.w.B.a(Unknown Source)
[java] at com.rsa.kmc.w.W.a(Unknown Source)
[java] at com.rsa.kmc.w.ap.a(Unknown Source)
[java] at com.rsa.kmc.w.ap.a(Unknown Source)
[java] at com.rsa.kmc.w.bn.a(Unknown Source)
[java] at com.rsa.kmc.w.Q.a(Unknown Source)
[java] at com.rsa.kmc.w.Q.b(Unknown Source)
[java] at com.rsa.kmc.w.Q.a(Unknown Source)
[java] at com.rsa.kmc.KMConfig.c(Unknown Source)
[java] at com.rsa.kmc.KMConfig.a(Unknown Source)
[java] at com.rsa.kmc.KMConfig.<init>(Unknown Source)
[java] at rkmjc.api.getkey.GetKeyByKeyClass.run(GetKeyByKeyClass.java:35)
[java] at rkmjc.api.getkey.GetKeyByKeyClass.main(GetKeyByKeyClass.java:63)
BUILD FAILED
D:\RSA\KeyManager\2.7\2.7.0\Java client\rkmc\build.xml:238: The following error occurred while executing this line:
D:\RSA\KeyManager\2.7\2.7.0\Java client\rkmc\build.xml:87: Java returned: 1
Total time: 17 seconds
D:\RSA\KeyManager\2.7\2.7.0\Java client\rkmc>
RKM Server log shows the following entries:
09 Apr 2010 15:01:53,821 1270158113352 anonymous (-1) INFO TP-Processor3 - Client : Internal, Created identity TestEnrollment.User1
09 Apr 2010 15:01:53,836 1270158113352 anonymous (-1) INFO TP-Processor3 - Client : Internal, Bound certificate authentication to identity TestEnrollment.User1
09 Apr 2010 15:01:53,852 1270158113352 anonymous (-1) INFO TP-Processor3 - Client : Internal, Deleted PKCS#12 21
09 Apr 2010 15:01:53,868 1270158113352 anonymous (-1) INFO TP-Processor3 - Client : Internal, Auto enrollment succeded for profile 'TestEnrollment', new identity 'TestEnrollment.User1' created with certificate[subject=CN=testClient, OU=Some OrgUnit, O=Some Organization, L=Some City, ST=state, C=US, serialnumber=13590587702563758033]
01 Apr 2010 15:01:56,962 1270158116806 TestEnrollment.User1 (34) INFO TP-Processor13 - Client : 10.11.11.14, Created Client for IP 10.11.11.14
01 Apr 2010 15:01:56,962 1270158116806 TestEnrollment.User1 (34) INFO TP-Processor13 - Client : 10.11.11.14, Client registered with the following details, appname=TestEnrollment.Application1, hostname=clienthost.domain.net, ip=10.11.11.14, version=2.7, managed=false, identity=TestEnrollment.User1
01 Apr 2010 15:02:00,979 1270158120900 TestEnrollment.User1 (34) INFO TP-Processor13 - Client : 10.11.11.14, Originator created with ID aaaa3333cc7777f44ccc444b5e1d5e0000e4ff77c9eee2222a66a3ee6a55bb5f under identity TestEnrollment.User1
Cause
Resolution
Workaround
Related Articles
How to verify the serial number of the certificate used for an LDAPS connection in RSA Authentication Manager 8.x Number of Views Review SQL SELECT in the Content tab is not working in RSA Identity Governance and Lifecycle Number of Views Business descriptions are applied incorrectly when using a wildcard with an underscore in RSA Identity Governance and Life… Number of Views Serial number is the only field visible when searching for tokens using Where search in RSA Authentication Manager 8.x Number of Views No match is found when attempting to list token by serial number for unassigned token in RSA ACE/Server 5.1.1 Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
