Hi Santosh,
If you're just need to create self-signed certificates, your best bet
is to probably use the keytool command, which comes with the JDK:
http://java.sun.com/j2se/1.5.0/docs/tooldocs/index.html#security
If you need to create certificate chains, then you may be better off
using the openssl command, which is written in C, but has been ported
to many operating systems:
http://www.openssl.org/docs/apps/openssl.html
Finally, if you need to build certificate chains in Java, the
BouncyCastle toolkit has APIs for generating and issuing X.509 v1 and
v3 certificates:
http://www.bouncycastle.org/docs/docs1.5/index.html
Hopefully, these links should get you going.
Note that if you are trying to communicate with applications out of
your control (say, on your WSE3 or Tomcat applications), you may need
to either get certificates issued by CAs your mutually trust, or you
may need to add any CAs you create to the trust stores for your
applications. It depends a lot on what you're trying to do.
-Fred
On Jul 7, 2008, at 5:50 AM, sh_santosh wrote:
Hi all,
I want to create keystore and other related files for invoking .Net
web
services(WSE 3.0).
I am using jdk1.5.0_05 , jakarta-tomcat-5.0.28, axis 1.3 , wss4j.
How to create keystore, What step need to flow.
Please provide any link and tutorial.
Regards
Santosh
Joshua Kuritzky wrote:
Hi. I've slowly been making headway getting a WSE 3.0 .NET client
talking to a wss4j service. I can turn on security and I can
authenticate with a UsernameToken, but now I'm having a lot of
difficult
getting signing with certificates to work.
Using a combination of openssl and keytool I've created and signed my
certificates and I know by looking at a TCP trace the client is using
the server's certificate to sign its requests, but... whenever I do
this
the server gives a response saying that the security header is
missing.
I'm doing my best to make sense of the documentation and here's
what I
have so far:
I have a crypto.properties file named "server_crypto.properties" with
the following contents:
org
.apache
.ws
.security
.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=storepass
org.apache.ws.security.crypto.merlin.file=U:/sslstuff2/keystore
and my server-config.wsdd has the following lines:
<parameter name="passwordCallbackClass" value="test.PWCallback"/>
<parameter name="action" value="Signature Timestamp"/>
<parameter name="signaturePropFile"
value="server_crypto.properties"/>
I have a few questions:
1. The obvious one: How do I make this work?
2. Is there any way to have axis and/or wss4j log what it's doing
so I
can get a better idea of what's going wrong besides the SOAP
response?
3. Where should the crypto.properties file go?
Thanks for your help,
-Joshua
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Using-certificates-when-communicated-from-a-.NET-client-to-a-wss4j-service-tp7133516p18313276.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
