Hi Anamitra,
The problem is that you don't have the bouncycastle JCE provider set
at the server side and it uses the default (SUN) JCE provider.
Where have you hosted the service? If it is Apache Tomcat please try
adding the bcprov-jdk15-132.jar (since you are on JDK 1.5) into the
lib dir of the axis2/WEB-INF directory.
If this doesn't work please try to host the service with
org.apache.axis2.transport.http.SimpleHTTPServer and make sure you
include the bcprov-jdk15-132.jar in the classpath when you start
SimpleHTTPServer.
BTW were you able to run the security sample available in the
axis2-1.0-std-bin distro?
Thanks,
Ruchith
On 6/3/06, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
Hi
I am trying to test the Axis 2 WS Security features and I have engaged the
rampart module. I have tested the signature and the usernametoken profile
so far but having issues with the Encrypt action. I have 2 key stores one
for the client and another for the server. I have added the server public
key certificate to the client store. The client is generating the request
xml file fine [as seen the tcp monitor] but the server is giving this
error. I have set the java.security file provider -
security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider.
This was needed for the axis 1.2 - so hoping this still holds good. This
used to work for axis 1.2. Not sure what I am missing here. Any pointer is
appreciated.
thanks
Anamitra
java.lang.ExceptionInInitializerError
at javax.crypto.Cipher.getInstance(DashoA12275)
at
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
tyUtil.java:686)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
dKey(EncryptedKeyProcessor.java:116)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
dKey(EncryptedKeyProcessor.java:84)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En
cryptedKeyProcessor.java:76)
Truncated. see log file for complete stacktrace
java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
at javax.crypto.Cipher.getInstance(DashoA12275)
at
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
tyUtil.java:686)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
dKey(EncryptedKeyProcessor.java:116)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
dKey(EncryptedKeyProcessor.java:84)
Truncated. see log file for complete stacktrace
java.security.PrivilegedActionException: java.security.InvalidKeyException:
Publ
ic key presented not for certificate signature
at java.security.AccessController.doPrivileged(Native Method)
at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
at javax.crypto.Cipher.getInstance(DashoA12275)
at
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
tyUtil.java:686)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
dKey(EncryptedKeyProcessor.java:116)
Truncated. see log file for complete stacktrace
java.security.InvalidKeyException: Public key presented not for certificate
sign
ature
at
org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
urce)
at javax.crypto.SunJCE_b.c(DashoA12275)
at javax.crypto.SunJCE_b.b(DashoA12275)
at javax.crypto.SunJCE_q.run(DashoA12275)
at java.security.AccessController.doPrivileged(Native Method)
Truncated. see log file for complete stacktrace
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
