You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "T.W." <to...@gmail.com> on 2007/11/16 18:07:05 UTC
Problem with getAliasForX509Cert(byte[] skiBytes)
Hi,
We seems to have problem with the new certificate that we have currently
acquired. The program was working fine with the old certificate in which the
only difference that I could tell is the key size. The old one is on 1024
bit while the new certificate is on 2048 bit.
We tried both wss4j-1.1 and also wss4j-1.5.3 versions but still got the same
result.
org.apache.ws.security.WSSecurityException: General security error
(Unexpected number of X509Data: for decryption (KeyId))
After tracing the WSS4J code, the problem is with the
getAliasForX509Cert(byte[] skiBytes) function in which a null alias was
returned. If we change it to return the correct alias name in the keystore,
everything works as normal.
Any comments?
--
View this message in context: http://www.nabble.com/Problem-with-getAliasForX509Cert%28byte---skiBytes%29-tf4822652.html#a13797350
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Problem with getAliasForX509Cert(byte[] skiBytes)
Posted by "T.W." <to...@gmail.com>.
The problem still exists even though unlimited key strength JCE jars are
installed into <java_home>/jre/lib/security folder.
Can someone please help?
T.W. wrote:
>
> Hi,
>
> We seem to have problem with the new certificate that we have currently
> acquired. The program was working fine with the old certificate in which
> the only difference that I could tell is the key size. The old one is on
> 1024 bit while the new certificate is on 2048 bit.
>
> We tried both wss4j-1.1 and also wss4j-1.5.3 versions but still got the
> same result.
>
> org.apache.ws.security.WSSecurityException: General security error
> (Unexpected number of X509Data: for decryption (KeyId))
>
> After tracing the WSS4J code, the problem is with the
> getAliasForX509Cert(byte[] skiBytes) function in which a null alias was
> returned. If we change it to return the correct alias name in the
> keystore, everything works as normal.
>
> Any comments?
>
--
View this message in context: http://www.nabble.com/Problem-with-getAliasForX509Cert%28byte---skiBytes%29-tf4822652.html#a14012901
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org