Posted to wss4j-dev@ws.apache.org by he...@alice.it on 2006/06/26 10:19:50 UTC

[WSS5J 1.5] Unexpected number of X509Data: for Signature

Hi All,

I've created a client that sends a certificate with the message, and I have a problem with the certificate.

I have a PKCS12 keystore given to me by a CA. Now I've configured the client to sign the message, and I've created a class that sets the options of the client:

package PerformWSSecurity;

import java.util.Hashtable;

import org.apache.axis.AxisEngine;
import org.apache.axis.ConfigurationException;
import org.apache.axis.SimpleTargetedChain;
import org.apache.axis.configuration.SimpleProvider;
import org.apache.ws.axis.security.WSDoAllSender;
import org.apache.ws.security.handler.WSHandlerConstants;


public class MyEngineConfiguration extends SimpleProvider {

    public MyEngineConfiguration() {
        super();

        this.deployTransport("http", new SimpleTargetedChain(new org.apache.axis.transport.http.HTTPSender()));
        // parameters
        Hashtable<String, Object> opts = new Hashtable<String, Object>();
        opts.put(AxisEngine.PROP_DISABLE_PRETTY_XML, Boolean.TRUE);
        this.setGlobalOptions(opts);
        // requestFlow
        org.apache.ws.axis.security.WSDoAllSender w = new WSDoAllSender();
        w.setOption(WSHandlerConstants.SIG_PROP_FILE, "cryptoSender.properties");
        w.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
        w.setOption(WSHandlerConstants.USER, "hermann");
        w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");
        w.setOption(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
        this.setGlobalResponse(w);
    }

    @Override
    public void configureEngine(AxisEngine engine) throws ConfigurationException {
        engine.refreshGlobalOptions();
    }
}

and this is cryptoSender.properties:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.file=x509pri.p12
org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
org.apache.ws.security.crypto.merlin.keystore.password=1234567890

Now the problem is that when I run my main class I get this exception:

org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)

I don't understand what kind of error this is. I think that it doesn't read the certificate in the keystore.

How can I set the properties in order to read the certificate?

Thanks a lot

Hermann

Re: R: [WSS5J 1.5] Unexpected number of X509Data: for Signature

Posted by Ruchith Fernando <ru...@gmail.com>.
Hi,

Can you please try using the SHA1 digest of the certificate fingerprint.
This is available in the output of the "keytool -list -v" as I
mentioned in my previous mail.

For example, you should see something like this as the output:


Alias name: alice
Creation date: Jun 5, 2005
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Alice, OU=OASIS Interop Test Cert, O=OASIS
Issuer: CN=OASIS Interop Test CA, O=OASIS
Serial number: 33a6047fb155631fed6721178150a899
Valid from: Sat Mar 19 05:30:00 IST 2005 until: Tue Mar 20 05:29:59 IST 2018
Certificate fingerprints:
         MD5:  57:CE:81:F1:03:C4:2C:F7:5B:1A:DE:AC:43:64:0A:84
         SHA1: 6E:0E:88:F3:6E:BB:87:44:D4:70:F6:2F:60:4D:03:EA:4E:BE:50:94


Now, notice the "Certificate fingerprints:" section of this output and
note that there's a "SHA1" value provided in that.

6E:0E:88:F3:6E:BB:87:44:D4:70:F6:2F:60:4D:03:EA:4E:BE:50:94

Get rid of the colons and convert this string to lower case as shown below:

6e0e88f36ebb8744d470f62f604d03ea4eb45094

Now use this value as the value of the "user" parameter (replace value
"1" in your earlier configuration)

Thanks,
Ruchith

On 6/26/06, hescot@alice.it <he...@alice.it> wrote:
>
>
>
> Hi Ruchith,
>
>  Thanks for your help.
>
>  I opened my pkcs12 with keytool and it returns:
>
>  Keystore type: pkcs12
>  Keystore provider: SunJSSE
>
>  Your keystore contains 1 entry
>
>  Alias name: 1
>  Creation date: Jun 26, 2006
>  Entry type: keyEntry
>  Certificate chain length: 2
>  Certificate[1]:
>  Owner: SERIALNUMBER=11, CN=Francesco, OU=Internet, O=Sun, C=It
>
>  so my alias is "1",
>
>  I put in MyEngineConfiguration:
>  w.setOption(WSHandlerConstants.USER, "1");
>  w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");
>
>  In the class PWCallback I've set:
>  if ("1".equals(pc.getIdentifer())) {
>                      pc.setPassword("1234567890");
>                  }
>              }
>
>  but when I run main, I see the same error as before:
>  org.apache.ws.security.WSSecurityException: WSHandler:
> Signature: error during message
> procesingorg.apache.ws.security.WSSecurityException:
> General security error (Unexpected number of X509Data: for Signature)
>
>  How is it possible? I think that now it's all OK!
>  Thanks
>
>  -----Original Message-----
>  From: Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
>  Sent: Mon 26/06/2006 10.57
>  To: hescot@alice.it
>  Cc: wss4j-dev@ws.apache.org
>  Subject: Re: [WSS5J 1.5] Unexpected number of X509Data: for Signature
>
>  Hi Hermann,
>
>  The problem is that you have not set the *alias* of the private key as
>  the value of the "user" parameter. [1]
>
>  The value you have given now is "hermann".
>  >         w.setOption(WSHandlerConstants.USER, "hermann");
>
>  You can find the alias of the private key using the keytool
>
>  $ keytool -list -v -keystore path/to/x509pri.p12 -storepass 1234567890
>  -storetype pkcs12
>
>  Take a look at the entries of type "KeyEntry" as shown below and use
>  the "Alias name" value of that particular key that you want to use.
>
>  Alias name: alice
>  Creation date: Jun 5, 2005
>  Entry type: keyEntry
>
>  If that fails I suggest you can give it another try by using the SHA1
>  certificate fingerprint (lowercase letters without colons) of the
>  public key cert of the particular key that you want to use. This is
>  also available in the output of "keytool -list -v"
>
>  HTH
>
>  Thanks,
>  Ruchith
>
>  [1] http://www.wso2.net/kb/116
>
>  On 6/26/06, hescot@alice.it <he...@alice.it> wrote:
>  >
>  >
>  >
>  >
>  > Hi All,
>  >
>  >  I've created a client that sends a certificate with the message, and I
>  > have a problem with the certificate.
>  >
>  >  I have a PKCS12 keystore given to me by a CA. Now I've configured the
>  > client to sign the message, and I've created a class that sets the
>  > options of the client:
>  >
>  >  package PerformWSSecurity;
>  >
>  >  import java.util.Hashtable;
>  >
>  >  import org.apache.axis.AxisEngine;
>  >  import org.apache.axis.ConfigurationException;
>  >  import org.apache.axis.SimpleTargetedChain;
>  >  import org.apache.axis.configuration.SimpleProvider;
>  >  import org.apache.ws.axis.security.WSDoAllSender;
>  >  import
> org.apache.ws.security.handler.WSHandlerConstants;
>  >
>  >
>  >  public class MyEngineConfiguration extends SimpleProvider {
>  >
>  >      public MyEngineConfiguration() {
>  >          super();
>  >
>  >          this.deployTransport("http", new SimpleTargetedChain(new
>  > org.apache.axis.transport.http.HTTPSender()));
>  >         //parameters
>  >          Hashtable<String, Object> opts = new Hashtable<String,
> Object>();
>  >          opts.put(AxisEngine.PROP_DISABLE_PRETTY_XML,
>  > Boolean.TRUE);
>  >          this.setGlobalOptions(opts);
>  >         //requestFlow
>  >         org.apache.ws.axis.security.WSDoAllSender w =
> new
>  > WSDoAllSender();
>  >         w.setOption(WSHandlerConstants.SIG_PROP_FILE,
>  > "cryptoSender.properties");
>  >         w.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
>  >         w.setOption(WSHandlerConstants.USER, "hermann");
>  >
>  >
> w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");
>  >         w.setOption(WSHandlerConstants.ACTION,
>  > WSHandlerConstants.SIGNATURE);
>  >         this.setGlobalResponse(w);
>  >
>  >      }
>  >
>  >      @Override
>  >      public void configureEngine(AxisEngine engine) throws
>  >  ConfigurationException {
>  >          engine.refreshGlobalOptions();
>  >      }
>  >  }
>  >
>  >  and this is cryptoSender.properties:
>  >
>  >
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>  >  org.apache.ws.security.crypto.merlin.file=x509pri.p12
>  >
> org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
>  >
> org.apache.ws.security.crypto.merlin.keystore.password=1234567890
>  >
>  >  Now the problem is that when I run my main class I get this exception:
>  >
>  >  org.apache.ws.security.WSSecurityException: WSHandler:
>  > Signature: error during message
>  > procesingorg.apache.ws.security.WSSecurityException:
>  > General security error (Unexpected number of X509Data: for Signature)
>  >
>  >  I don't understand what kind of error this is. I think that it doesn't
>  > read the certificate in the keystore.
>  >
>  >  How can I set the properties in order to read the certificate?
>  >
>  >  Thanks a lot
>  >
>  >  Hermann
>  >
>
>
>  --
>  www.ruchith.org
>
>


-- 
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org



R: [WSS5J 1.5] Unexpected number of X509Data: for Signature

Posted by he...@alice.it.
Hi Ruchith,

Thanks for your help.

I opened my pkcs12 with keytool and it returns:

Keystore type: pkcs12
Keystore provider: SunJSSE

Your keystore contains 1 entry

Alias name: 1
Creation date: Jun 26, 2006
Entry type: keyEntry
Certificate chain length: 2
Certificate[1]:
Owner: SERIALNUMBER=11, CN=Francesco, OU=Internet, O=Sun, C=It

so my alias is "1",

I put in MyEngineConfiguration:
w.setOption(WSHandlerConstants.USER, "1");
w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");

In the class PWCallback I've set:
if ("1".equals(pc.getIdentifer())) {
                    pc.setPassword("1234567890");
                }
            }

but when I run main, I see the same error as before:
org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)

How is it possible? I think that now it's all OK!
Thanks

-----Original Message-----
From: Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
Sent: Mon 26/06/2006 10.57
To: hescot@alice.it
Cc: wss4j-dev@ws.apache.org
Subject: Re: [WSS5J 1.5] Unexpected number of X509Data: for Signature
 
Hi Hermann,

The problem is that you have not set the *alias* of the private key as
the value of the "user" parameter. [1]

The value you have given now is "hermann".
>         w.setOption(WSHandlerConstants.USER, "hermann");

You can find the alias of the private key using the keytool

$ keytool -list -v -keystore path/to/x509pri.p12 -storepass 1234567890
-storetype pkcs12

Take a look at the entries of type "KeyEntry" as shown below and use
the "Alias name" value of that particular key that you want to use.

Alias name: alice
Creation date: Jun 5, 2005
Entry type: keyEntry

If that fails I suggest you can give it another try by using the SHA1
certificate fingerprint (lowercase letters without colons) of the
public key cert of the particular key that you want to use. This is
also available in the output of "keytool -list -v"

HTH

Thanks,
Ruchith

[1] http://www.wso2.net/kb/116

On 6/26/06, hescot@alice.it <he...@alice.it> wrote:
>
>
>
>
> Hi All,
>
>  I've created a client that sends a certificate with the message, and I
> have a problem with the certificate.
>
>  I have a PKCS12 keystore given to me by a CA. Now I've configured the
> client to sign the message, and I've created a class that sets the
> options of the client:
>
>  package PerformWSSecurity;
>
>  import java.util.Hashtable;
>
>  import org.apache.axis.AxisEngine;
>  import org.apache.axis.ConfigurationException;
>  import org.apache.axis.SimpleTargetedChain;
>  import org.apache.axis.configuration.SimpleProvider;
>  import org.apache.ws.axis.security.WSDoAllSender;
>  import org.apache.ws.security.handler.WSHandlerConstants;
>
>
>  public class MyEngineConfiguration extends SimpleProvider {
>
>      public MyEngineConfiguration() {
>          super();
>
>          this.deployTransport("http", new SimpleTargetedChain(new
> org.apache.axis.transport.http.HTTPSender()));
>         //parameters
>          Hashtable<String, Object> opts = new Hashtable<String, Object>();
>          opts.put(AxisEngine.PROP_DISABLE_PRETTY_XML,
> Boolean.TRUE);
>          this.setGlobalOptions(opts);
>         //requestFlow
>         org.apache.ws.axis.security.WSDoAllSender w = new
> WSDoAllSender();
>         w.setOption(WSHandlerConstants.SIG_PROP_FILE,
> "cryptoSender.properties");
>         w.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
>         w.setOption(WSHandlerConstants.USER, "hermann");
>
> w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");
>         w.setOption(WSHandlerConstants.ACTION,
> WSHandlerConstants.SIGNATURE);
>         this.setGlobalResponse(w);
>
>      }
>
>      @Override
>      public void configureEngine(AxisEngine engine) throws
>  ConfigurationException {
>          engine.refreshGlobalOptions();
>      }
>  }
>
>  and this is cryptoSender.properties:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>  org.apache.ws.security.crypto.merlin.file=x509pri.p12
>  org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
> org.apache.ws.security.crypto.merlin.keystore.password=1234567890
>
>  Now the problem is that when I run my main class I get this exception:
>
>  org.apache.ws.security.WSSecurityException: WSHandler:
> Signature: error during message
> procesingorg.apache.ws.security.WSSecurityException:
> General security error (Unexpected number of X509Data: for Signature)
>
>  I don't understand what kind of error this is. I think that it doesn't
> read the certificate in the keystore.
>
>  How can I set the properties in order to read the certificate?
>
>  Thanks a lot
>
>  Hermann
>


-- 
www.ruchith.org



Re: [WSS5J 1.5] Unexpected number of X509Data: for Signature

Posted by Ruchith Fernando <ru...@gmail.com>.
Hi Hermann,

The problem is that you have not set the *alias* of the private key as
the value of the "user" parameter. [1]

The value you have given now is "hermann".
>         w.setOption(WSHandlerConstants.USER, "hermann");

You can find the alias of the private key using the keytool

$ keytool -list -v -keystore path/to/x509pri.p12 -storepass 1234567890 -storetype pkcs12

Take a look at the entries of type "KeyEntry" as shown below and use
the "Alias name" value of that particular key that you want to use.

Alias name: alice
Creation date: Jun 5, 2005
Entry type: keyEntry

If that fails I suggest you can give it another try by using the SHA1
certificate fingerprint (lowercase letters without colons) of the
public key cert of the particular key that you want to use. This is
also available in the output of "keytool -list -v"

HTH

Thanks,
Ruchith

[1] http://www.wso2.net/kb/116

On 6/26/06, hescot@alice.it <he...@alice.it> wrote:
>
>
>
>
> Hi All,
>
>  I've created a client that sends a certificate with the message, and I
> have a problem with the certificate.
>
>  I have a PKCS12 keystore given to me by a CA. Now I've configured the
> client to sign the message, and I've created a class that sets the
> options of the client:
>
>  package PerformWSSecurity;
>
>  import java.util.Hashtable;
>
>  import org.apache.axis.AxisEngine;
>  import org.apache.axis.ConfigurationException;
>  import org.apache.axis.SimpleTargetedChain;
>  import org.apache.axis.configuration.SimpleProvider;
>  import org.apache.ws.axis.security.WSDoAllSender;
>  import org.apache.ws.security.handler.WSHandlerConstants;
>
>
>  public class MyEngineConfiguration extends SimpleProvider {
>
>      public MyEngineConfiguration() {
>          super();
>
>          this.deployTransport("http", new SimpleTargetedChain(new
> org.apache.axis.transport.http.HTTPSender()));
>         //parameters
>          Hashtable<String, Object> opts = new Hashtable<String, Object>();
>          opts.put(AxisEngine.PROP_DISABLE_PRETTY_XML,
> Boolean.TRUE);
>          this.setGlobalOptions(opts);
>         //requestFlow
>         org.apache.ws.axis.security.WSDoAllSender w = new
> WSDoAllSender();
>         w.setOption(WSHandlerConstants.SIG_PROP_FILE,
> "cryptoSender.properties");
>         w.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
>         w.setOption(WSHandlerConstants.USER, "hermann");
>
> w.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,"PWCallback");
>         w.setOption(WSHandlerConstants.ACTION,
> WSHandlerConstants.SIGNATURE);
>         this.setGlobalResponse(w);
>
>      }
>
>      @Override
>      public void configureEngine(AxisEngine engine) throws
>  ConfigurationException {
>          engine.refreshGlobalOptions();
>      }
>  }
>
>  and this is cryptoSender.properties:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>  org.apache.ws.security.crypto.merlin.file=x509pri.p12
>  org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
> org.apache.ws.security.crypto.merlin.keystore.password=1234567890
>
>  Now the problem is that when I run my main class I get this exception:
>
>  org.apache.ws.security.WSSecurityException: WSHandler:
> Signature: error during message
> procesingorg.apache.ws.security.WSSecurityException:
> General security error (Unexpected number of X509Data: for Signature)
>
>  I don't understand what kind of error this is. I think that it doesn't
> read the certificate in the keystore.
>
>  How can I set the properties in order to read the certificate?
>
>  Thanks a lot
>
>  Hermann
>


-- 
www.ruchith.org
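
The two lookups suggested in this thread (the "Alias name" of the key entry, and the SHA1 fingerprint in lowercase without colons) can be extracted from `keytool -list -v` output mechanically. The script below is an added example, not part of the original mails or of WSS4J: the function names and the sample listing are constructed for illustration (only the "alice" entry comes from the output quoted in the thread), and it reports the fingerprint of Certificate[1] only, which matters for a chain of length 2 like the one in Hermann's keystore.

```shell
#!/bin/sh
# Added example (not from the thread or from WSS4J).
# Reads `keytool -list -v` output on stdin and prints, for every private-key
# entry, the two values the thread suggests for the "user" parameter:
#   <alias><TAB><SHA1 of Certificate[1], lowercase, colons removed>
user_candidates() {
    awk '
        /^Alias name:/ {
            alias = $0
            sub(/^Alias name:[ \t]*/, "", alias)
            sub(/[ \t\r]+$/, "", alias)
            is_key = 0; cert = 0
        }
        /^Entry type:/ {
            # "keyEntry" in the listings quoted in the thread; newer keytool
            # versions print "PrivateKeyEntry". Certificate-only and
            # secret-key entries cannot sign, so they are skipped.
            is_key = ($0 ~ /[Kk]eyEntry[ \t\r]*$/ && $0 !~ /SecretKeyEntry/)
        }
        /^Certificate\[[0-9]+\]:/ {
            # Position in the chain; [1] is the certificate of the key itself.
            cert = $0
            gsub(/[^0-9]/, "", cert)
            cert = cert + 0
        }
        /^[ \t]*SHA1:/ {
            if (is_key && cert == 1) {
                fp = $0
                sub(/^[ \t]*SHA1:[ \t]*/, "", fp)
                gsub(/[: \t\r]/, "", fp)
                print alias "\t" tolower(fp)
            }
        }
    '
}

# Constructed sample listing. The "alice" entry is the one quoted in the
# thread; the entries "1" and "ca" and their fingerprints are made up.
sample_listing() {
    cat <<'EOF'
Keystore type: pkcs12

Your keystore contains 3 entries

Alias name: alice
Creation date: Jun 5, 2005
Entry type: keyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Alice, OU=OASIS Interop Test Cert, O=OASIS
Certificate fingerprints:
         MD5:  57:CE:81:F1:03:C4:2C:F7:5B:1A:DE:AC:43:64:0A:84
         SHA1: 6E:0E:88:F3:6E:BB:87:44:D4:70:F6:2F:60:4D:03:EA:4E:BE:50:94

Alias name: 1
Creation date: Jun 26, 2006
Entry type: keyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=constructed-end-entity
Certificate fingerprints:
         SHA1: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33
Certificate[2]:
Owner: CN=constructed-issuing-ca
Certificate fingerprints:
         SHA1: FF:EE:DD:CC:BB:AA:99:88:77:66:55:44:33:22:11:00:FF:EE:DD:CC

Alias name: ca
Creation date: Jun 26, 2006
Entry type: trustedCertEntry

Owner: CN=constructed-root
Certificate fingerprints:
         SHA1: 01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:10:11:12:13:14
EOF
}

# Run with --demo to see the result for the constructed listing.
if [ "${1:-}" = "--demo" ]; then
    sample_listing | user_candidates
fi
```

With a real keystore, source the file and pipe the listing into the function: `keytool -list -v -keystore path/to/x509pri.p12 -storetype pkcs12 | user_candidates`. Deriving the 40-character value this way also avoids transcription slips when retyping it by hand.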
