You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by Shawn McKinney <sm...@sbcglobal.net> on 2005/10/27 21:19:11 UTC
WSDoAllReceiver error: Too many certificates in chain
Having a problem running transaction through our WAS 6
Axis server that has WSS4J DoAllReceiver handler
enabled.
The server is running AIX 5.2
The application server is WAS 6
Axis 1.2
WSS4J 1.1.0
I can run the same transaction with exact
configuration and deployment characteristics through a
WAS 6 server running on
RedHat Enterprise 4. I only get this error when
running against the server on AIX.
On a hunch, I recreated the server-side keystore using
the WAS 6 AIX keytool. I then reimported the
server-side public key into the client
side keystore. To make sure everything was still
good, I tested the new keystores on my RHE4 WAS
instance.
But, when I then ran my transactions through the AIX
server, it failed with the errors below.
Can somebody tell me what I'm doing wrong?
Client-side wsdd:
<handler
type="java:org.apache.ws.axis.security.WSDoAllSender"
>
<parameter name="action" value="UsernameToken
Encrypt Timestamp"/>
<parameter name="passwordCallbackClass"
value="com.fnf.xes.framework.axis.security.client.PWClientCallback"/>
<parameter name="passwordType"
value="PasswordText" />
<parameter name="encryptionKeyIdentifier"
value="X509KeyIdentifier" />
<parameter name="encryptionUser"
value="xespublickey" />
<parameter name="encryptionPropFile"
value="crypto.client.properties" />
<parameter name="encryptionParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken"
/>
</handler>
Server-side wsdd:
<handler
type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="com.fnf.xes.framework.axis.security.server.PWServerCallback"/>
<parameter name="action" value="UsernameToken
Encrypt Timestamp"/>
<parameter name="decryptionPropFile"
value="crypto.server.properties"/>
</handler>
Axis Client receives this error:
************ client-side trace
Exception in thread "main" AxisFault
faultCode: {http://xml.apache.org/axis/}Server
faultSubcode:
faultString: Server Error
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:Server
Error
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:473)
at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1216)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:630)
at
com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:80)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1752)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:77)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:466)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:405)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:104)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:941)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1028)
at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1394)
{http://xml.apache.org/axis/}hostname:ATLX12AC7.atldev.com
************ end client-side trace
************ server-side trace
Server Error
at
org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:221)
at
org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:128)
at
org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1712)
at
org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at
org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at
org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:667)
at
org.apache.crimson.parser.Parser2.parse(Parser2.java:337)
at
org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448)
at
javax.xml.parsers.SAXParser.parse(SAXParser.java:345)
at
org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at
org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at
org.apache.axis.Message.getSOAPEnvelope(Message.java:424)
at
org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62)
at
org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at
org.apache.axis.client.Call.invokeEngine(Call.java:2765)
at
org.apache.axis.client.Call.invoke(Call.java:2748)
at
org.apache.axis.client.Call.invoke(Call.java:1784)
at
samples.message.TestIFXMsg.doit(TestIFXMsg.java:162)
at
samples.message.TestIFXMsg.main(TestIFXMsg.java:184)
Server log has this error:
[10/27/05 13:50:56:012 EDT] 0000003c CryptoFactory I
Using Crypto Engine
[org.apache.ws.security.components.crypto.Merlin]
[10/27/05 13:51:18:035 EDT] 0000003c CryptoFactory E
Unable to instantiate (1):
org.apache.ws.security.components.crypto.Merlin
[10/27/05 13:51:18:055 EDT] 0000003c CryptoFactory E
TRAS0014I: The following exception was logged
java.lang.reflect.InvocationTargetException
at
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java(Compiled
Code))
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java(Compiled
Code))
at
java.lang.reflect.Constructor.newInstance(Constructor.java(Compiled
Code))
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:117)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:101)
at
org.apache.ws.security.handler.WSHandler.loadDecryptionCrypto(WSHandler.java:835)
at
org.apache.ws.security.handler.WSHandler.decodeDecryptionParameter(WSHandler.java:858)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:151)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1216)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:630)
at
com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2872)
at
com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:220)
at
com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:204)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1779)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:77)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:466)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:405)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:104)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:941)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1028)
at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1394)
Caused by:
org.apache.ws.security.components.crypto.CredentialException:
Failed to load credentials. Inner Exception: [Too many
certificates in chain]
at
org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:530)
at
org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:119)
... 36 more
.
java.lang.reflect.InvocationTargetException
at
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java(Compiled
Code))
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java(Compiled
Code))
at
java.lang.reflect.Constructor.newInstance(Constructor.java(Compiled
Code))
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:117)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:101)
at
org.apache.ws.security.handler.WSHandler.loadDecryptionCrypto(WSHandler.java:835)
at
org.apache.ws.security.handler.WSHandler.decodeDecryptionParameter(WSHandler.java:858)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:151)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1216)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:630)
at
com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2872)
at
com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:220)
at
com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:204)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1779)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:77)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:466)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:405)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:104)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:941)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1028)
at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1394)
Caused by:
org.apache.ws.security.components.crypto.CredentialException:
Failed to load credentials. Inner Exception: [Too many
certificates in chain]
at
org.apache.ws.security.components.crypto.Merlin.load(Merlin.java:530)
at
org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:119)
... 36 more
[10/27/05 13:51:18:090 EDT] 0000003c CryptoFactory E
Unable to instantiate (2):
org.apache.ws.security.components.crypto.Merlin
[10/27/05 13:51:18:109 EDT] 0000003c CryptoFactory E
TRAS0014I: The following exception was logged
java.lang.InstantiationException:
org.apache.ws.security.components.crypto.Merlin
at
java.lang.Class.newInstance3(Class.java(Compiled
Code))
at
java.lang.Class.newInstance(Class.java(Compiled Code))
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:125)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:101)
at
org.apache.ws.security.handler.WSHandler.loadDecryptionCrypto(WSHandler.java:835)
at
org.apache.ws.security.handler.WSHandler.decodeDecryptionParameter(WSHandler.java:858)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:151)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1216)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:630)
at
com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2872)
at
com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:220)
at
com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:204)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1779)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:77)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:466)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:405)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:104)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:941)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1028)
at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1394)
.
java.lang.InstantiationException:
org.apache.ws.security.components.crypto.Merlin
at
java.lang.Class.newInstance3(Class.java(Compiled
Code))
at
java.lang.Class.newInstance(Class.java(Compiled Code))
at
org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:125)
at
org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:101)
at
org.apache.ws.security.handler.WSHandler.loadDecryptionCrypto(WSHandler.java:835)
at
org.apache.ws.security.handler.WSHandler.decodeDecryptionParameter(WSHandler.java:858)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:151)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at
org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at
org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1216)
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:630)
at
com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:2872)
at
com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:220)
at
com.ibm.ws.webcontainer.VirtualHost.handleRequest(VirtualHost.java:204)
at
com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:1779)
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:77)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:466)
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:405)
at
com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:104)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.requestComplete(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.attemptIO(WorkQueueManager.java(Compiled
Code))
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager.workerRun(WorkQueueManager.java:941)
at
com.ibm.ws.tcp.channel.impl.WorkQueueManager$Worker.run(WorkQueueManager.java:1028)
at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1394)
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org