Supply certificate, useReqSigCert and WS-Policy

[João Luís Pinto <jo...@gmail.com>]

Hello all,

I'm trying to develop a ws that requires timestamping, signing and
encryption on input and provides them symmetrically on the output.

The client holds in his keystore its key and certificate, the CA
(homemade) certificate and the certificate of the service.

The service holds its key and certificate and the certificate of the
CA, and is configured to use the request certificate to encrypt the
reply by setting useReqSigCert in the rampart configuration in the
policy file. Policy is being used both in the client and on the
service.

Password callback handlers are in place on both sides.

In the start I was setting:

<sp:MustSupportRefKeyIdentifier />
<sp:MustSupportRefIssuerSerial />

in the policy file, and getting from the service:

org.apache.axis2.AxisFault: General security error (Unexpected number
of X509Data: for decryption (KeyId))

Even though the problem seems to be on decryption, I tried (following
http://marc.info/?l=axis-user&m=118372333225370&w=2) and replaced
policy with:

<sp:MustSupportRefEmbeddedToken />

I'm now getting

org.apache.axis2.AxisFault: General security error (WSSecurityEngine:
Callback supplied no password for: null)

Any idea on what I'm doing wrong/missing?

João
-- 
Small Brother - http://small-brother.blogspot.com

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org