You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Davide Romanini <d....@cineca.it> on 2005/07/26 10:39:38 UTC

Problem with certificates

Hi,

I found a small problem when I have some x509v1 certificates in my
keystore and want to use SubjectKeyIdentifier token reference to
sign/encrypt.

The problem is that when wss4j looks in the keystore given a SKI to find
the alias (public String getAliasForX509Cert(byte[] skiBytes) in
Merlin.java), if there's a certificate with version <3, it throws a
WSSecurityException. I don't know if it's the right behaviour, because
it seems to stop any further processing, ignoring the other
certificates. I think it should simply skip the wrong one and go on
examining the others until it finds the right one.

Bye,
Davide Romanini