Hi Anamitra, The problem is that you don't have the bouncycastle JCE provider set at the server side and it uses the default (SUN) JCE provider.
Where have you hosted the service? If it is Apache Tomcat please try adding the bcprov-jdk15-132.jar (since you are on JDK 1.5) into the lib dir of the axis2/WEB-INF directory. If this doesn't work please try to host the service with org.apache.axis2.transport.http.SimpleHTTPServer and make sure you include the bcprov-jdk15-132.jar in the classpath when you start SimpleHTTPServer. BTW were you able to run the security sample available in the axis2-1.0-std-bin distro? Thanks, Ruchith On 6/3/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Hi I am trying to test the Axis 2 WS Security features and I have engaged the rampart module. I have tested the signature and the usernametoken profile so far but having issues with the Encrypt action. I have 2 key stores one for the client and another for the server. I have added the server public key certificate to the client store. The client is generating the request xml file fine [as seen the tcp monitor] but the server is giving this error. I have set the java.security file provider - security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider. This was needed for the axis 1.2 - so hoping this still holds good. This used to work for axis 1.2. Not sure what I am missing here. Any pointer is appreciated. thanks Anamitra java.lang.ExceptionInInitializerError at javax.crypto.Cipher.getInstance(DashoA12275) at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri tyUtil.java:686) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:116) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:84) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En cryptedKeyProcessor.java:76) Truncated. see log file for complete stacktrace java.lang.SecurityException: Cannot set up certs for trusted CAs at javax.crypto.SunJCE_b.<clinit>(DashoA12275) at javax.crypto.Cipher.getInstance(DashoA12275) at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri tyUtil.java:686) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:116) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:84) Truncated. see log file for complete stacktrace java.security.PrivilegedActionException: java.security.InvalidKeyException: Publ ic key presented not for certificate signature at java.security.AccessController.doPrivileged(Native Method) at javax.crypto.SunJCE_b.<clinit>(DashoA12275) at javax.crypto.Cipher.getInstance(DashoA12275) at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri tyUtil.java:686) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:116) Truncated. see log file for complete stacktrace java.security.InvalidKeyException: Public key presented not for certificate sign ature at org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So urce) at javax.crypto.SunJCE_b.c(DashoA12275) at javax.crypto.SunJCE_b.b(DashoA12275) at javax.crypto.SunJCE_q.run(DashoA12275) at java.security.AccessController.doPrivileged(Native Method) Truncated. see log file for complete stacktrace > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]