Trying to implement PKI using Xfire/WSS4J wherein my webserver is forwarding the client's cert to another authentication server via OCSP. The web browser works but my webservices fail on changeCipherSpec. Both client and server have installed privateStore.jks and publicStore.jks. Do I need to import the publicStore.jks into the server cert the authentication server uses?
I'm faily new to this and not sure the OCSP setup is not getting in the way of my server finishing the handshake. My server's keystore/trustedstore are the OCSP's keystore and trusted store, and a realm plugin is supposedly handling the server to server OCSP stuff. Will I have to trash WSS4J and in some manner install an OSCP friendly secure framework? Any thoughts or other forums where this may be resolved? Thanks Paul -- View this message in context: http://www.nabble.com/changeCipherSpec---tf2344555.html#a6526045 Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
