You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Thilina Buddhika (JIRA)" <ji...@apache.org> on 2010/12/21 11:39:03 UTC
[jira] Issue Comment Edited: (RAMPART-226) The certificate used for
the signature is not trusted
[ https://issues.apache.org/jira/browse/RAMPART-226?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12973533#action_12973533 ]
Thilina Buddhika edited comment on RAMPART-226 at 12/21/10 5:38 AM:
--------------------------------------------------------------------
Hi Amul,
Please note that parameter based configuration is deprecated currently.
As a work around, you can write a custom implementation and plug it through the module.xml and use it instead of the default WSDoAllReceiver class. In your implementation, you will have to override the verifyTrust() method inherited from the WSHandler class in WSS4J.
Thanks,
Thilina
was (Author: thilinamb):
Hi Amul,
You can write a custom implementation and plug it through the module.xml and use it instead of the default WSDoAllReceiver class. In your implementation, you will have to override the verifyTrust() method inherited from the WSHandler class in WSS4J.
Thanks,
Thilina
> The certificate used for the signature is not trusted
> -----------------------------------------------------
>
> Key: RAMPART-226
> URL: https://issues.apache.org/jira/browse/RAMPART-226
> Project: Rampart
> Issue Type: Question
> Components: rampart-core
> Affects Versions: 1.4
> Environment: IBM Websphere 6.1
> Solaris 10
> Axis2 1.4.1
> Rampart 1.4
> Reporter: Amulkumar Patel
> Assignee: Ruchith Udayanga Fernando
> Priority: Critical
> Fix For: NextVersion
>
>
> - Here is brief summary of installation
> - We installed IBM websphere 6 on solaria 10 box. We are on axis2 1.4.1 and rampart 1.4.
> - We generated X509 certs using openssl and got the public key from trusted authority.
> - Both service and client certs looks ok.
> - We used Timestamp, Encrypt and Signature options in service.xml
> - When client request sent to server, it decrypts successfully and validates signature successfully but after than it failed saying certificate is not trusted.
> Here is stack of error. Please take a look at and let me know if you have any idea why it is happening:
> 2009-04-21 18:01:19,187 [WebContainer : 0] ERROR org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: The certificate used for the signature is not trusted
> org.apache.axis2.AxisFault: WSDoAllReceiver: The certificate used for the signature is not trusted
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:292)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989)
> at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501)
> at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464)
> at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276)
> at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267)
> at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
> at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455)
> at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113)
> at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)
> at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)
> at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:263)
> at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
> at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
> at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
> at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
> at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
> at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
> at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
> at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
> at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
> at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469)
> --- Used following properties for validatio
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org