Andrew,
thses scripts are _not_ tested or are part of the WSS4J library
software.
They are just examples how you may create certificates et al. To
create certificates you may have to look into the openSSL docs,
Java keystore decriptions etc first.
Regards,
Werner
PS: to mee it seems that the CA certificate was not imported into
the keystore using the "trusted certificate import" mechanism.
Werner
Andrew Kinard schrieb:
Hello all,
I am having trouble creating my own keystore certs. I have attempted
to use the genKeystore.sh, genCertRequest.sh, and
signConvertImportCert.sh scripts, but I have yet to create a cert that
works. I started out using x509.PFX.MSFT and then changed my client
and server wsdd files and crypto.properties files accordingly. When I
attempt to use my own keystore created with the keys *.sh scripts I get
the following debug messages.
I think the "No alias found for subject from issuer..." is the one that
concerns me.
Has anyone seen this behavior before? Are there scripts available for
creating a suitable pkcs12 using only openssl and not keytool?
Regards,
Andrew Kinard
AK;-)
---------
18:59:04,424 DEBUG [WSDoAllReceiver] WSDoAllReceiver: Transmitted
certificate has subject CN=CommitArchCert
18:59:04,426 DEBUG [WSDoAllReceiver] WSDoAllReceiver: Transmitted
certificate has issuer CN=CommitArch_CA (serial 18)
18:59:04,432 DEBUG [WSDoAllReceiver] No alias found for subject from
issuer with CN=CommitArch_CA (serial 18)
18:59:04,436 DEBUG [WSDoAllReceiver] No aliases found in keystore for
issuer CN=CommitArch_CA of certificate for CN=CommitArchCert
----------
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}
Server.generalException
faultSubcode:
faultString: WSDoAllReceiver: The certificate used for the signature is
not trusted
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:WSDoAllReceiver: The
certificate used for the signature is not trusted
at org.apache.ws.axis.security.WSDoAllReceiver.invoke
(WSDoAllReceiver.java:297)
at org.apache.axis.strategies.InvocationStrategy.visit
(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.strategies.InvocationStrategy.visit
(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke
(SOAPService.java:453)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java: 281)
at org.apache.axis.transport.http.AxisServlet.doPost
(AxisServlet.java:699)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.axis.transport.http.AxisServletBase.service
(AxisServletBase.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:173)
...
---------
