Apache WSS4J has special support to use BouncyCastle to parse the IssuerName, if BouncyCastle is available. See the comment here:
https://github.com/apache/wss4j/blob/b8d4f1b29e98c53edeb0ffdf1dc4a90382e9fd9e/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java#L943 So if BouncyCastle is added to your classpath it should hopefully work. Colm. On Thu, Nov 9, 2017 at 5:23 PM, <[email protected]> wrote: > Hi, > > > > I am integrating WCF client with CXF web service using JAX-WS. > > > > A certificate with issuer that includes an email option "[email protected] > <mailto:[email protected]> " is sent from the client to the server with > the > issue name as part of the security header in the message. > > > > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > > <o:SecurityTokenReference> > > <X509Data> > > <X509IssuerSerial> > > <X509IssuerName>[email protected] <mailto:[email protected]> > .. > </X509IssuerName> > > > > But X500Princpal.Java currently does not accept E as a valid type so the > request fails throwing an exception in X500Principal.java > > > > java.io.IOException: Invalid keyword "E" > > > > ..NET WCF does not replace the issuer name in the header with an RDN - > 1.2.840.113549.1.9.1 if it did that it should work. > > > > But I am looking for a work around here. Has anyone ran into this issue? > > > > Mark > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
