Re: [Error] WSSecurityException: The signature or decryption was invalid

Thanks, Colm. In fact the exception is thrown because my Crypto implementation (a PKCS11 hardware security token) used by my client to sign the SOAP request does not contain the certificate used by the server to sign its SOAP response. The hack I used to make the certificate available is

Re: [Error] WSSecurityException: The signature or decryption was invalid

Yes, it's a valid response. CXF/WSS4J handles the SubjectKeyIdentifier case as follows: https://github.com/apache/ws-wss4j/blob/420947d684383aeed40a2e41717da6197fb1d9dd/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java#L373 This extracts the SKI bytes

[Error] WSSecurityException: The signature or decryption was invalid

I'm programming a client for a SOAP service that is configured through a policy in the WSDL . The service responds with a message that would be perfectly fine to work with, but has a signature that makes CXF throw an error

Re: WSSecurityException: The signature or decryption was invalid

Update: There are four different servers load balanced for this one webservice. I've included all four public certificates in my truststore, and now I'm connecting without issue :) -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html

Re: WSSecurityException: The signature or decryption was invalid

my truststore and the client no longer threw 'The signature or decryption was invalid' exception! This shouldn't be a requirement though, so I'm waiting to hear back from the webservice developer. We both have the issuing cert authorities public cert, and have confirmed it's different than w

Re: WSSecurityException: The signature or decryption was invalid

Absolutely! I'll send you a message. Thanks! -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html

Re: WSSecurityException: The signature or decryption was invalid

Would it be possible to share the FINE logs? Otherwise I don't think I can help. Colm. On Thu, Apr 25, 2019 at 6:54 PM G.Dab wrote: > Unfortunately FINE level of logging has shown no errors, only this 'The > signature or decryption was invalid' error once the SOAP message has been >

Re: WSSecurityException: The signature or decryption was invalid

Unfortunately FINE level of logging has shown no errors, only this 'The signature or decryption was invalid' error once the SOAP message has been responded to. Maybe this is a certificate issue? In my truststore I have the root and intermediate authority certificates for the certificate

Re: WSSecurityException: The signature or decryption was invalid

If you look at this logging configuration file from the tests: https://github.com/apache/cxf/blob/master/systests/ws-security/src/test/resources/logging.properties If you change both instances of INFO to FINE and uncomment the line "handlers= java.util.logging.FileHandler,

Re: WSSecurityException: The signature or decryption was invalid

Okay, I understand how to change the logging level to FINE on both the FileHandler and ConsoleHandler: handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler .level= FINE java.util.logging.ConsoleHandler.level= FINE But you mentioned 'debug', and does that mean another

Re: WSSecurityException: The signature or decryption was invalid

he remote webservice, on the other end they've confirmed > receiving the message and it's valid, and they're returning a response. > It's working, but the client keeps throwing the following exception: > > org.apache.wss4j.common.ext.WSSecurityException: The signature or > decrypti

WSSecurityException: The signature or decryption was invalid

, but the client keeps throwing the following exception: org.apache.wss4j.common.ext.WSSecurityException: The signature or decryption was invalid I'm catching the exception with javax.xml.ws.soap.SOAPFaultException. I'm not finding any reason why this is being thrown because everything is working. Any

Re: The signature or decryption was invalid

How did you resolve the problem? -- View this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p5744258.html Sent from the cxf-user mailing list archive at Nabble.com.

Signature problem after migrating an Apache CXF client from 2.2.6 to 2.4.7 and the same microsoft server on the serverside: The signature or decryption was invalid

request I get The signature or decryption was invalid from the server: 14:50:40.787 main [] ERROR c.l.p.webservice.PostfinanceAdapter#handleError:228- Exception caught during call to postfinance webservice: javax.xml.ws.soap.SOAPFaultException: Microsoft.Web.Services2.Security.SecurityFault

Re: Signature problem after migrating an Apache CXF client from 2.2.6 to 2.4.7 and the same microsoft server on the serverside: The signature or decryption was invalid

                   Data...                    /Data                /Invoice            /invoices            BillerID411061250/BillerID        /UploadFiles    /soap:Body /soap:Envelope With the new request I get The signature or decryption was invalid from the server: 14:50:40.787 main [] ERROR

Re: Signature problem after migrating an Apache CXF client from 2.2.6 to 2.4.7 and the same microsoft server on the serverside: The signature or decryption was invalid

/Invoice /invoices BillerID411061250/BillerID /UploadFiles /soap:Body /soap:Envelope With the new request I get The signature or decryption was invalid from the server: 14:50:40.787 main [] ERROR c.l.p.webservice.PostfinanceAdapter

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

-security-WSSecurityException-The-signature-or-decryption-was-invalid-tp5077993p5078579.html Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

I think its a bug with wss4j-1.6.0.jar I replaced this with wss4j-1.6.3.jar it works. -- View this message in context: http://cxf.547215.n5.nabble.com/moving-to-cxf-2-5-org-apache-ws-security-WSSecurityException-The-signature-or-decryption-was-invalid-tp5077993p5080564.html Sent from

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

  it works. -- View this message in context: http://cxf.547215.n5.nabble.com/moving-to-cxf-2-5-org-apache-ws-security-WSSecurityException-The-signature-or-decryption-was-invalid-tp5077993p5080564.html Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh

moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

-The-signature-or-decryption-was-invalid-tp5077993p5077993.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

now I am trying to migrate to cxf 2.5.0 I get the error and wss4j 1.6.0. -- View this message in context: http://cxf.547215.n5.nabble.com/moving-to-cxf-2-5-org-apache-ws-security-WS SecurityException-The-signature-or-decryption-was-invalid-tp5077993p5077993. html Sent from the cxf-user

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

enabled logging and here is the exception -- View this message in context: http://cxf.547215.n5.nabble.com/moving-to-cxf-2-5-org-apache-ws-security-WSSecurityException-The-signature-or-decryption-was-invalid-tp5077993p5078372.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: moving to cxf 2.5 org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

I enabled org.apache.ws logging here is more debug from logs -- View this message in context: http://cxf.547215.n5.nabble.com/moving-to-cxf-2-5-org-apache-ws-security-WSSecurityException-The-signature-or-decryption-was-invalid-tp5077993p5078579.html Sent from the cxf-user mailing list

Re: The signature or decryption was invalid

same problem. The weird thing for me is that it works perfectly on windows but not on linux... -- View this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4852160.html Sent from the cxf-user mailing list archive at Nabble.com

Re: The signature or decryption was invalid

.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4852160.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: The signature or decryption was invalid

Anyone have any ideas? -- View this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4848221.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: The signature or decryption was invalid

It's impossible to tell from so little information. Could you supply a test-case? Colm. On Wed, Sep 28, 2011 at 8:32 AM, yannick yannick.land...@gmail.com wrote: Anyone have any ideas? -- View this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid

Re: The signature or decryption was invalid

Maye also interresting the stacktrace: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:373

Re: The signature or decryption was invalid

We noticed that cxf has problems with the referencing in the request in linux... We took out ts-16 reference and then it complained on the next one... Any ideas? -- View this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4849193.html Sent

Re: The signature or decryption was invalid

this message in context: http://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4849193.html Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh http://coheigea.blogspot.com/ Talend - http://www.talend.com

Re: The signature or decryption was invalid

://cxf.547215.n5.nabble.com/The-signature-or-decryption-was-invalid-tp4845894p4849287.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

in context: http://cxf.547215.n5.nabble.com/CXF-2-4-1-Client-is-giving-the-signature-or-decryption-was-invalid-tp4507027p4521909.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

/CXF-2-4-1-Client-is-giving-the-signature-or-decryption-was-invalid-tp4507027p4521912.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

.nabble.com/CXF-2-4-1-Client-is-giving-the-signature-or-decryption-was-invalid-tp4507027p4522336.html Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

-the-signature-or-decryption-was-invalid-tp4507027p4508152.html Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh http://coheigea.blogspot.com/ Talend - http://www.talend.com

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

/n4514527/MSRESP1.xml MSRESP1.xml Policy http://cxf.547215.n5.nabble.com/file/n4514527/addr-external.xml addr-external.xml Thanks Mahesh -- View this message in context: http://cxf.547215.n5.nabble.com/CXF-2-4-1-Client-is-giving-the-signature-or-decryption-was-invalid-tp4507027p4514527

CXF 2.4.1 Client is giving the signature or decryption was invalid

com.trails.ws.IntegrationWebService Jun 17, 2011 4:38:53 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage WARNING: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:380

Re: CXF 2.4.1 Client is giving the signature or decryption was invalid

After updating correct namesapces i am getting javax.xml.bind.UnmarshalException -- View this message in context: http://cxf.547215.n5.nabble.com/CXF-2-4-1-Client-is-giving-the-signature-or-decryption-was-invalid-tp4507027p4508152.html Sent from the cxf-user mailing list archive at Nabble.com.