Re: WS-Security Encryption and Signature

Tue, 29 Jul 2014 03:12:07 -0700 

Have you set the password for the private (signature) key in the
CallbackHandler ('passwordCallbackClass' property)?

Colm.


On Tue, Jul 29, 2014 at 11:09 AM, Stephanie Dammann <
stephanie.damm...@mpag.eu> wrote:

> Hello there,
>
> I have got a problem to implement the Encryption and Signature.
>
> I already created a client-keystore, client-truststore, server-keystore
> and server-truststore.
> Imported the client-certificate into the server-truststore and vice versa.
> I added the correct action parameters and encryptionPropFiles etc.
>                 outProps.put("user", "clientx509v1");
>
>              outProps.put("passwordCallbackClass",
>                            ".... .client.UTPasswordCallback");
>
>        outProps.pu("encryptionUser", "serverx509v1");
>        outPropsput("encryptionPropFile", "etc/Client_Encrypt.properties");
>        outPropsput("encryptionKeyIdentifier", "IssuerSerial");
>        outPropsput("encryptionParts",
>                    "{Element}{" + WSSE_NS + "}UsernameToken;"
>                    + "{Content}{
> http://schemas.xmlsoap.org/soap/envelope/}Body";);
>        outPropsput("encryptionKeyTransportAlgorithm",
>                http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";);
>
>        outPropsput("signatureUser", "clientx509v1");
>        outPropsput("signaturePropFile", "etc/Client_Sign.properties");
>        outPropsput("signatureKeyIdentifier", "DirectReference");
>        outPropsput("signatureParts",
>                           "{Element}{" + WSU_NS + "}Timestamp;"
>                            + "{Element}{
> http://schemas.xmlsoap.org/soap/envelope/}Body;";);
>        outPropsput("signatureAlgorithm", "
> http://www.w3.org/2000/09/xmldsig#rsa-sha1";);
>
> Even after I was using the imported stores and property-files from the
> wssec_sign_enc example from apache-cxf,
> The encryption and signature is still not working.
> I am getting this excetion:
> org.apache.wss4j.common.ext.WSSecurityException: The private key for the
> supplied alias does not exist in the keystore
>
> So what can I do to find out what is missing? I am pretty sure I have
> exchanged the certificates or imported the keystores/property-files etc
> correctly.
>
> Regards
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to