Hello,

I'm using Camel 2.10.0 (Java 1.6) with XMLSecurity in a route like this:

<camel:keyStoreParameters id="dummyStore" resource="./dummy.jks" 
password="dummy" />

<marshal>
 <secureXML
  xmlCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
  keyCipherAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
  recipientKeyAlias="dummy"
  keyOrTrustStoreParametersId="dummyStore" />
</marshal>

Key generation:
keytool -genkey -alias dummy -keystore dummy.jks -storepass dummy -keyAlg RSA

This works fine as long as key and keystore are using the same password. In 
case those passwords are different, isn't the passPhrase attribute for the 
secureXML element in charge of handling that? However, generating a new key 
with a different password than the keystore and using the passPhrase attribute 
always results in the following exception:

java.security.UnrecoverableKeyException: Cannot recover key
        at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)[:1.6.0_33]
        at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)[:1.6.0_33]
        at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)[:1.6.0_33]
        at java.security.KeyStore.getKey(KeyStore.java:763)[:1.6.0_33]
        at org.apache.camel.dataformat.xmlsecurity.XMLSecurityDataFormat.getPublicKey(XMLSecurityDataFormat.java:394)[camel-xmlsecurity-2.10.0.jar:2.10.0]
        at org.apache.camel.dataformat.xmlsecurity.XMLSecurityDataFormat.encryptAsymmetric(XMLSecurityDataFormat.java:339)[camel-xmlsecurity-2.10.0.jar:2.10.0]
        at org.apache.camel.dataformat.xmlsecurity.XMLSecurityDataFormat.marshal(XMLSecurityDataFormat.java:306)[camel-xmlsecurity-2.10.0.jar:2.10.0]

If passPhrase is not supposed to handle that, how else would I do that?

Thanks for your help. Dominik
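
The stack trace above ends in KeyStore.getKey, which takes the password of the individual key entry rather than the password of the keystore file. The following is an added example, not part of the original post and not Camel code, that reproduces the same exception with the plain JDK API. Assumptions: the class name, alias and passwords are constructed, and a JCEKS store holding an AES key stands in for the post's JKS/RSA entry so that no certificate is needed.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

// Hypothetical demo class: store password and key-entry password are independent.
public class KeyPasswordDemo {
    public static void main(String[] args) throws Exception {
        char[] storePass = "store-pass".toCharArray(); // constructed sample value
        char[] keyPass = "key-pass".toCharArray();     // constructed sample value

        // Stand-in for the RSA key in the post: a secret key needs no certificate chain.
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(128);
        SecretKey secret = gen.generateKey();

        // The entry is protected with keyPass, the store file with storePass.
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null);
        ks.setKeyEntry("dummy", secret, keyPass, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePass);

        // Opening the store only requires the store password.
        KeyStore loaded = KeyStore.getInstance("JCEKS");
        loaded.load(new ByteArrayInputStream(out.toByteArray()), storePass);

        // Reusing the store password for the entry fails as in the stack trace.
        try {
            loaded.getKey("dummy", storePass);
            System.out.println("unexpected: key recovered with the store password");
        } catch (UnrecoverableKeyException e) {
            System.out.println("store password rejected for entry: " + e);
        }

        // The entry's own password recovers the key.
        Key recovered = loaded.getKey("dummy", keyPass);
        System.out.println("entry password accepted: "
                + Arrays.equals(recovered.getEncoded(), secret.getEncoded()));
    }
}
```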