> For an unknown reason to me, the crypto engine is looking for a private > key in the specified keystore object, which actually only contains a > certificate since it is the server's public key:confused:
The client needs a private key to decrypt the (encrypted) message received from the server. The service should be configured to encrypt the response using the client's public key. Colm. -----Original Message----- From: superk888 [mailto:[email protected]] Sent: 12 November 2009 12:04 To: [email protected] Subject: WSS4J Encryption with public key ??? Hi everyone, I've implemented a Web Service that supports 2-ways encryption features using the X.509 Certificates method. Everything works fine when using 2 pairs of keys as it is described in the Apache CXF documentation, but what I am trying to do, is to use only one pair of keys : server-side keeps its own private key and gives its public key to the service client. Consequently, client-side has to encrypt messages before sending with the server's public key, which should work since this is an asymmetric encryption method. Nevertheless, my service client succeeds to encrypt a message with the server's public key but when the latter sends a response, my service client fails to decode the encrypted response. Is this case, I got the following error : 2009-11-12 12:55:22,261 [main] ERROR org.apache.ws.security.components.crypto.CryptoBase - Cannot find key for alias: [myAlias] in keystore of type [jks] from provider [SUN version 1.5] with size [1] and aliases: {myAlias} 12-nov.-2009 12:55:22 org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage ATTENTION: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid; nested exception is: java.lang.Exception: Cannot find key for alias: [myAlias] at ... ... Caused by: java.lang.Exception: Cannot find key for alias: [myAlias] at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(Crypto Base.java:214) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKe y(EncryptedKeyProcessor.java:328) ... 71 more 12-nov.-2009 12:55:22 org.apache.cxf.phase.PhaseInterceptorChain doIntercept ATTENTION: Interceptor has thrown exception, unwinding now org.apache.cxf.binding.soap.SoapFault: The signature or decryption was invalid; nested exception is: For an unknown reason to me, the crypto engine is looking for a private key in the specified keystore object, which actually only contains a certificate since it is the server's public key:confused: What am I missing? -- View this message in context: http://old.nabble.com/WSS4J-Encryption-with-public-key-----tp26316077p26 316077.html Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
