You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by An...@mro.com on 2006/02/24 18:47:24 UTC
Signature verification problem
Hi
I am trying to test a Signature action from the client to the server. I
have imported the clients certificate into the server store. When I try
invoking the web service I get the following exception. I checked the
message in tcpmon and am not seeing anything to raise a flag except that
the serial number does not match the serial number shown by the keytool
[not sure if its encoded in different way]. I am not sure what I am
missing. I am attaching the server wsdd and the client wsdd and the keytool
commands.
AxisFault
faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: WSDoAllReceiver: security processing failed; nested exception
is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:D2DFJ971
WSDoAllReceiver: security processing failed; nested exception is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
soap header
---------------------
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1"><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-27173235">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>bIURuKkNJkvOePjL2w3nNum8KrA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
uH8F5vW9KKvWTs9hJtEq2mWn01+t+MHQCDWvC/gUn/dxqkWpdjfXtfWuhYEkjjE5U4PYpfyqY3De
D5JULLmW2qBJfFUbONFbcpR2VTUi+Ya9c+jcLpSP9dYZ/bys9ey/h5JhZWkEN2ERmwwQCJiKDg6R
522tMtlT9HMFa7GxZ18=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-24697864">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-26625789"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=testalias2</ds:X509IssuerName>
<ds:X509SerialNumber>1140456858</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security>
Server wsdd
--------------------
<service name="MXINVOICEInterface" provider="java:MSG" style="message"
use="literal">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="mysigcrypto.properties" />
</handler>
</requestFlow>
<wsdlFile>C:\bea8\user_projects\domains\mydomain\wsdl\MXINVOICEInterface.wsdl</wsdlFile>
<parameter name="allowedMethods" value="processDocument"/>
<parameter name="className"
value="psdi.iface.webservices.MEADocumentService"/>
<parameter name="scope" value="Application"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
</service>
mysigcrypto.properties
-----------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp1
org.apache.ws.security.crypto.merlin.file=teststore1
Clients wsdd
---------------------
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature"/>
<parameter name="user" value="testalias2"/>
<parameter name="signaturePropFile" value="clientsigcrypto.properties"
/>
<parameter name="passwordCallbackClass"
value="psdi.iface.webservices.PWCallBack"/>
</handler>
</requestFlow>
</globalConfiguration>
</deployment>
clientsigcrypto.properties
--------------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp2
org.apache.ws.security.crypto.merlin.file=teststore2
Keytool commands
------------------------------
keytool -genkey -alias testalias1 -keystore teststore1 -dname
"cn=testalias1" -keypass testkp1 -storepass testsp1 -keyalg RSA
keytool -genkey -alias testalias2 -keystore teststore2 -dname
"cn=testalias2" -keypass testkp2 -storepass testsp2 -keyalg RSA
keytool -selfcert -alias testalias1 -keystore teststore1 -keypass testkp1
-storepass testsp1
keytool -selfcert -alias testalias2 -keystore teststore2 -keypass testkp2
-storepass testsp2
keytool -export -keystore teststore2 -alias testalias2 -storepass testsp2
-file testcert2 -rfc
keytool -import -alias testcert2 -file testcert2 -keystore teststore1
-storepass testsp1
Any pointers appeciated.
thanks
Anamitra
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature verification problem [more info from debugging into the
WSSecurityEngine]
Posted by An...@mro.com.
Hi
I debugged further into the exception [as shown below] that was there in
the server logs and I put some some debugs in the
WSSecurityEngine file and checked that with the IssuerSerial token its able
to load the correct certificate [I printed the certificate handle] and
then it gives error in signature verification! thats pretty strange and am
just wondering whether this something to do with the
exclusive c14n used. Not sure if I am hitting a bug there with the xml
security implementation?? Am using wss4j 1.1 with Axis 1.2.1.
Can anybody pls confirm if this a bug and if it is whether it has been
fixed in any builds.
org.apache.ws.security.WSSecurityException: The signature verification
failed
at
org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSSecurity
Engine.java:630)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:320)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:245)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.ja
va:156)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrateg
y.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrateg
y.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453
)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:69
9)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBas
e.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:1006)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:419)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:315)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6718)
at
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
121)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3764)
at
weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2644)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
thanks
Anamitra
Anamitra.Bhattach
aryya@mro.com
To
02/24/2006 12:47 wss4j-dev@ws.apache.org
PM cc
Subject
Signature verification problem
Hi
I am trying to test a Signature action from the client to the server. I
have imported the clients certificate into the server store. When I try
invoking the web service I get the following exception. I checked the
message in tcpmon and am not seeing anything to raise a flag except that
the serial number does not match the serial number shown by the keytool
[not sure if its encoded in different way]. I am not sure what I am
missing. I am attaching the server wsdd and the client wsdd and the keytool
commands.
AxisFault
faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: WSDoAllReceiver: security processing failed; nested exception
is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:D2DFJ971
WSDoAllReceiver: security processing failed; nested exception is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
soap header
---------------------
<wsse:Security
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
soapenv:mustUnderstand="1"><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
"></ds:SignatureMethod>
<ds:Reference URI="#id-27173235">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>bIURuKkNJkvOePjL2w3nNum8KrA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
uH8F5vW9KKvWTs9hJtEq2mWn01+t+MHQCDWvC/gUn/dxqkWpdjfXtfWuhYEkjjE5U4PYpfyqY3De
D5JULLmW2qBJfFUbONFbcpR2VTUi+Ya9c+jcLpSP9dYZ/bys9ey/h5JhZWkEN2ERmwwQCJiKDg6R
522tMtlT9HMFa7GxZ18=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-24697864">
<wsse:SecurityTokenReference
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
wsu:Id="STRId-26625789"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=testalias2</ds:X509IssuerName>
<ds:X509SerialNumber>1140456858</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security>
Server wsdd
--------------------
<service name="MXINVOICEInterface" provider="java:MSG" style="message"
use="literal">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="mysigcrypto.properties" />
</handler>
</requestFlow>
<wsdlFile>C:\bea8\user_projects\domains\mydomain\wsdl\MXINVOICEInterface.wsdl</wsdlFile>
<parameter name="allowedMethods" value="processDocument"/>
<parameter name="className"
value="psdi.iface.webservices.MEADocumentService"/>
<parameter name="scope" value="Application"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
</service>
mysigcrypto.properties
-----------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp1
org.apache.ws.security.crypto.merlin.file=teststore1
Clients wsdd
---------------------
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature"/>
<parameter name="user" value="testalias2"/>
<parameter name="signaturePropFile" value="clientsigcrypto.properties"
/>
<parameter name="passwordCallbackClass"
value="psdi.iface.webservices.PWCallBack"/>
</handler>
</requestFlow>
</globalConfiguration>
</deployment>
clientsigcrypto.properties
--------------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp2
org.apache.ws.security.crypto.merlin.file=teststore2
Keytool commands
------------------------------
keytool -genkey -alias testalias1 -keystore teststore1 -dname
"cn=testalias1" -keypass testkp1 -storepass testsp1 -keyalg RSA
keytool -genkey -alias testalias2 -keystore teststore2 -dname
"cn=testalias2" -keypass testkp2 -storepass testsp2 -keyalg RSA
keytool -selfcert -alias testalias1 -keystore teststore1 -keypass testkp1
-storepass testsp1
keytool -selfcert -alias testalias2 -keystore teststore2 -keypass testkp2
-storepass testsp2
keytool -export -keystore teststore2 -alias testalias2 -storepass testsp2
-file testcert2 -rfc
keytool -import -alias testcert2 -file testcert2 -keystore teststore1
-storepass testsp1
Any pointers appeciated.
thanks
Anamitra
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature verification problem [more info from debugging into the
WSSecurityEngine]
Posted by An...@mro.com.
Hi
I debugged further into the exception [as shown below] that was there in
the server logs and I put some some debugs in the
WSSecurityEngine file and checked that with the IssuerSerial token its able
to load the correct certificate [I printed the certificate handle] and
then it gives error in signature verification! thats pretty strange and am
just wondering whether this something to do with the
exclusive c14n used. Not sure if I am hitting a bug there with the xml
security implementation?? Am using wss4j 1.1 with Axis 1.2.1.
Can anybody pls confirm if this a bug and if it is whether it has been
fixed in any builds.
org.apache.ws.security.WSSecurityException: The signature verification
failed
at
org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSSecurity
Engine.java:630)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:320)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:245)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.ja
va:156)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrateg
y.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrateg
y.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453
)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:69
9)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBas
e.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run
(ServletStubImpl.java:1006)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:419)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubIm
pl.java:315)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:6718)
at
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
121)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
rvletContext.java:3764)
at
weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
pl.java:2644)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
thanks
Anamitra
Anamitra.Bhattach
aryya@mro.com
To
02/24/2006 12:47 wss4j-dev@ws.apache.org
PM cc
Subject
Signature verification problem
Hi
I am trying to test a Signature action from the client to the server. I
have imported the clients certificate into the server store. When I try
invoking the web service I get the following exception. I checked the
message in tcpmon and am not seeing anything to raise a flag except that
the serial number does not match the serial number shown by the keytool
[not sure if its encoded in different way]. I am not sure what I am
missing. I am attaching the server wsdd and the client wsdd and the keytool
commands.
AxisFault
faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: WSDoAllReceiver: security processing failed; nested exception
is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:D2DFJ971
WSDoAllReceiver: security processing failed; nested exception is:
org.apache.ws.security.WSSecurityException: The signature
verification failed
soap header
---------------------
<wsse:Security
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
soapenv:mustUnderstand="1"><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
"></ds:SignatureMethod>
<ds:Reference URI="#id-27173235">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>bIURuKkNJkvOePjL2w3nNum8KrA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
uH8F5vW9KKvWTs9hJtEq2mWn01+t+MHQCDWvC/gUn/dxqkWpdjfXtfWuhYEkjjE5U4PYpfyqY3De
D5JULLmW2qBJfFUbONFbcpR2VTUi+Ya9c+jcLpSP9dYZ/bys9ey/h5JhZWkEN2ERmwwQCJiKDg6R
522tMtlT9HMFa7GxZ18=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-24697864">
<wsse:SecurityTokenReference
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
wsu:Id="STRId-26625789"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=testalias2</ds:X509IssuerName>
<ds:X509SerialNumber>1140456858</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security>
Server wsdd
--------------------
<service name="MXINVOICEInterface" provider="java:MSG" style="message"
use="literal">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="mysigcrypto.properties" />
</handler>
</requestFlow>
<wsdlFile>C:\bea8\user_projects\domains\mydomain\wsdl\MXINVOICEInterface.wsdl</wsdlFile>
<parameter name="allowedMethods" value="processDocument"/>
<parameter name="className"
value="psdi.iface.webservices.MEADocumentService"/>
<parameter name="scope" value="Application"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
</service>
mysigcrypto.properties
-----------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp1
org.apache.ws.security.crypto.merlin.file=teststore1
Clients wsdd
---------------------
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature"/>
<parameter name="user" value="testalias2"/>
<parameter name="signaturePropFile" value="clientsigcrypto.properties"
/>
<parameter name="passwordCallbackClass"
value="psdi.iface.webservices.PWCallBack"/>
</handler>
</requestFlow>
</globalConfiguration>
</deployment>
clientsigcrypto.properties
--------------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testsp2
org.apache.ws.security.crypto.merlin.file=teststore2
Keytool commands
------------------------------
keytool -genkey -alias testalias1 -keystore teststore1 -dname
"cn=testalias1" -keypass testkp1 -storepass testsp1 -keyalg RSA
keytool -genkey -alias testalias2 -keystore teststore2 -dname
"cn=testalias2" -keypass testkp2 -storepass testsp2 -keyalg RSA
keytool -selfcert -alias testalias1 -keystore teststore1 -keypass testkp1
-storepass testsp1
keytool -selfcert -alias testalias2 -keystore teststore2 -keypass testkp2
-storepass testsp2
keytool -export -keystore teststore2 -alias testalias2 -storepass testsp2
-file testcert2 -rfc
keytool -import -alias testcert2 -file testcert2 -keystore teststore1
-storepass testsp1
Any pointers appeciated.
thanks
Anamitra
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org