[ https://issues.apache.org/jira/browse/RAMPART-226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Amulkumar Patel updated RAMPART-226: ------------------------------------ Description: - Here is brief summary of installation - We installed IBM websphere 6 on solaria 10 box. We are on axis2 1.4.1 and rampart 1.4. - We generated X509 certs using openssl and got the public key from trusted authority. - Both service and client certs looks ok. - We used Timestamp, Encrypt and Signature options in service.xml - When client request sent to server, it decrypts successfully and validates signature successfully but after than it failed saying certificate is not trusted. Here is stack of error. Please take a look at and let me know if you have any idea why it is happening: 2009-04-21 18:01:19,187 [WebContainer : 0] ERROR org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: The certificate used for the signature is not trusted org.apache.axis2.AxisFault: WSDoAllReceiver: The certificate used for the signature is not trusted at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:292) at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:317) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:763) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811) at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:263) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469) --- Used following properties for validatio org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks was: - Here is brief summary of installation - We installed IBM websphere 6 on solaria 10 box. We are on axis2 1.4.1 and rampart 1.4. - We generated X509 certs using openssl and got the public key from trusted authority. - Both service and client certs looks ok. - We used Timestamp, Encrypt and Signature options in service.xml - When client request sent to server, it decrypts successfully and validates signature successfully but after than it failed saying certificate is not trusted. Here is stack of error. Please take a look at and let me know if you have any idea why it is happening: 2009-04-21 18:01:19,187 [WebContainer : 0] ERROR org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: The certificate used for the signature is not trusted org.apache.axis2.AxisFault: WSDoAllReceiver: The certificate used for the signature is not trusted at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:292) at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:317) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:763) at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501) at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811) at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:263) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469) > The certificate used for the signature is not trusted > ----------------------------------------------------- > > Key: RAMPART-226 > URL: https://issues.apache.org/jira/browse/RAMPART-226 > Project: Rampart > Issue Type: Bug > Components: rampart-core > Affects Versions: 1.4 > Environment: IBM Websphere 6.1 > Solaris 10 > Axis2 1.4.1 > Rampart 1.4 > Reporter: Amulkumar Patel > Assignee: Ruchith Udayanga Fernando > Priority: Critical > Fix For: 1.4 > > > - Here is brief summary of installation > - We installed IBM websphere 6 on solaria 10 box. We are on axis2 1.4.1 and > rampart 1.4. > - We generated X509 certs using openssl and got the public key from trusted > authority. > - Both service and client certs looks ok. > - We used Timestamp, Encrypt and Signature options in service.xml > - When client request sent to server, it decrypts successfully and validates > signature successfully but after than it failed saying certificate is not > trusted. > Here is stack of error. Please take a look at and let me know if you have any > idea why it is happening: > 2009-04-21 18:01:19,187 [WebContainer : 0] ERROR > org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: The certificate used > for the signature is not trusted > org.apache.axis2.AxisFault: WSDoAllReceiver: The certificate used for the > signature is not trusted > at > org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:292) > at > org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86) > at > org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) > at org.apache.axis2.engine.Phase.invoke(Phase.java:317) > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163) > at > org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275) > at > org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:763) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) > at > com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989) > at > com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501) > at > com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464) > at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276) > at > com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267) > at > com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811) > at > com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455) > at > com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113) > at > com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454) > at > com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383) > at > com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:263) > at > com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214) > at > com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113) > at > com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) > at > com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) > at > com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) > at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136) > at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195) > at > com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743) > at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873) > at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469) > --- Used following properties for validatio > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.