Re: [Error] WSSecurityException: The signature or decryption was invalid

Thanks, Colm. In fact the exception is thrown because my Crypto implementation (a PKCS11 hardware security token) used by my client to sign the SOAP request does not contain the certificate used by the server to sign its SOAP response. The hack I used to make the certificate available is

Re: [Error] WSSecurityException: The signature or decryption was invalid

Yes, it's a valid response. CXF/WSS4J handles the SubjectKeyIdentifier case as follows: https://github.com/apache/ws-wss4j/blob/420947d684383aeed40a2e41717da6197fb1d9dd/ws-security-common/src/main/java/org/apache/wss4j/common/token/SecurityTokenReference.java#L373 This extracts the SKI bytes

[Error] WSSecurityException: The signature or decryption was invalid

I'm programming a client for a SOAP service that is configured through a policy in the WSDL . The service responds with a message that would be perfectly fine to work with, but has a signature that makes CXF throw an error

Re: WSSecurityException: The signature or decryption was invalid

Update: There are four different servers load balanced for this one webservice. I've included all four public certificates in my truststore, and now I'm connecting without issue :) -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html

Re: WSSecurityException: The signature or decryption was invalid

Made some progress on this and wanted to share for anyone having a similar problem. In my WS-SecurityPolicy it states the following for the RecipientToken:

Re: WSSecurityException: The signature or decryption was invalid

Absolutely! I'll send you a message. Thanks! -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html

Re: WSSecurityException: The signature or decryption was invalid

Would it be possible to share the FINE logs? Otherwise I don't think I can help. Colm. On Thu, Apr 25, 2019 at 6:54 PM G.Dab wrote: > Unfortunately FINE level of logging has shown no errors, only this 'The > signature or decryption was invalid' error once the SOAP message has been > responded

Re: WSSecurityException: The signature or decryption was invalid

Unfortunately FINE level of logging has shown no errors, only this 'The signature or decryption was invalid' error once the SOAP message has been responded to. Maybe this is a certificate issue? In my truststore I have the root and intermediate authority certificates for the certificate the

Re: WSSecurityException: The signature or decryption was invalid

If you look at this logging configuration file from the tests: https://github.com/apache/cxf/blob/master/systests/ws-security/src/test/resources/logging.properties If you change both instances of INFO to FINE and uncomment the line "handlers= java.util.logging.FileHandler,

Re: WSSecurityException: The signature or decryption was invalid

Okay, I understand how to change the logging level to FINE on both the FileHandler and ConsoleHandler: handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler .level= FINE java.util.logging.ConsoleHandler.level= FINE But you mentioned 'debug', and does that mean another

Re: WSSecurityException: The signature or decryption was invalid

If you turn on debug / FINE logging, it should tell you where the error is. Colm. On Thu, Apr 11, 2019 at 9:54 PM G.Dab wrote: > I'm using CXF v3.3.0 and a WSDL first client. The WSDL has a > WS-SecurityPolicy and I've configured the client accordingly. I'm able to > connect to the remote

WSSecurityException: The signature or decryption was invalid

I'm using CXF v3.3.0 and a WSDL first client. The WSDL has a WS-SecurityPolicy and I've configured the client accordingly. I'm able to connect to the remote webservice, on the other end they've confirmed receiving the message and it's valid, and they're returning a response. It's working, but