wss4j: - Impossibile trovare la chiave per Alias: Monit
https://stackoverflow.com/questions/1593253
-
22-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
Quando definisco (con asse 1.4 un wss4j) nel client-config.wsdd per WSDoAllSender e WSDoAllReceiver diversi signaturePropFiles dove ho diversi negozi chiave definite con diversi certificati, sono in grado di avere diversi certificati per l'invio e la ricezione di. Ma quando io uso le stesse signaturePropFiles' con la stessa chiavi. Ottengo questo messaggio quando provo a trasmettere un messaggio:
org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit}
- Error during Signature: ; nested exception is:
org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
java.lang.Exception: Cannot find key for alias: [monit]
org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is:
org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
java.lang.Exception: Cannot find key for alias: [monit]
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60)
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202)
at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at cz.xxx.opf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213)
at cz.xxx.opf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18)
at cz.xxx.opf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23)
at cz.xxx.opf.wsgemonitor.Main.main(Main.java:75)
Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
java.lang.Exception: Cannot find key for alias: [monit]
at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721)
at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780)
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
... 15 more
Caused by: java.lang.Exception: Cannot find key for alias: [monit]
at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214)
at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713)
... 17 more
Come avere due certificati per wss4j nella stessa chiavi? il motivo per cui non riesce a trovare il mio certificato lì quando ho due certificati in un archivio chiavi.
Ho la stessa password per entrambi i certificati per quanto riguarda PWCallback (CallbackHandler)
file Miei annunci:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keystore
org.apache.ws.security.crypto.merlin.keystore.alias=monit
org.apache.ws.security.crypto.merlin.alias.password=***
org.apache.ws.security.crypto.merlin.file=key.jks
Il mio cliente-config.wsdd:
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<globalConfiguration>
<requestFlow>
<handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender">
<parameter name="user" value="monit"/>
<parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="monit.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="mustUnderstand" value="0"/>
</handler>
<handler type="java:org.apache.axis.handlers.JWSHandler">
<parameter name="scope" value="session"/>
</handler>
<handler type="java:org.apache.axis.handlers.JWSHandler">
<parameter name="scope" value="request"/>
<parameter name="extension" value=".jwr"/>
</handler>
</requestFlow>
<responseFlow>
<handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="user" value="other"/>
<parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="other.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
</handler>
</responseFlow>
</globalConfiguration>
<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender">
</transport>
</deployment>
Elencando keytool: keytool -keystore Monit-key.jks -v -list
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
Alias name: other
Creation date: Jul 22, 2009
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
....
Alias name: monit
Creation date: Oct 19, 2009
Entry type: trustedCertEntry
Soluzione
Ho risolto che mesi fa e se qualcuno bisogno. problema era che non avevo la chiave privata nel keystore.
Altri suggerimenti
Stavo usando JDK di Sun che era dando un problema quando ho cambiato in IBM JDK allora problema è andato via
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
