I saw that comment in the source code but didn't get the full picture. I tried this version of bouncy.
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on --> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> <version>1.58</version> </dependency> With this CXF but it didn't seem to pick it up. Is there any other config that I missed? Thank you! This would be a big lifesaver if it is working. <apache.cxf.version>3.2.0</apache.cxf.version> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-spring-boot-starter-jaxws</artifactId> <version>${apache.cxf.version}</version> </dependency> <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-ws-security --> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-ws-security</artifactId> <version>${apache.cxf.version}</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-frontend-jaxws</artifactId> <version>${apache.cxf.version}</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http</artifactId> <version>${apache.cxf.version}</version> </dependency> -----Original Message----- From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Friday, November 10, 2017 4:51 AM To: users@cxf.apache.org Subject: Re: .Net and CXF Incompatibility Apache WSS4J has special support to use BouncyCastle to parse the IssuerName, if BouncyCastle is available. See the comment here: https://github.com/apache/wss4j/blob/b8d4f1b29e98c53edeb0ffdf1dc4a90382e9fd9e/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java#L943 So if BouncyCastle is added to your classpath it should hopefully work. Colm. On Thu, Nov 9, 2017 at 5:23 PM, <markfu...@yahoo.com.invalid> wrote: > Hi, > > > > I am integrating WCF client with CXF web service using JAX-WS. > > > > A certificate with issuer that includes an email option > "E=em...@email.com <mailto:E=em...@email.com> " is sent from the > client to the server with the issue name as part of the security > header in the message. > > > > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> > > <o:SecurityTokenReference> > > <X509Data> > > <X509IssuerSerial> > > <X509IssuerName>E=em...@email.com <mailto:E=em...@email.com> > .. > </X509IssuerName> > > > > But X500Princpal.Java currently does not accept E as a valid type so > the request fails throwing an exception in X500Principal.java > > > > java.io.IOException: Invalid keyword "E" > > > > ..NET WCF does not replace the issuer name in the header with an RDN - > 1.2.840.113549.1.9.1 if it did that it should work. > > > > But I am looking for a work around here. Has anyone ran into this issue? > > > > Mark > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com