Hey Jorge, 
It worked, it was the parameter when generating the certificate.
 
Thanks
Luis

________________________________

From: Jorge Fernandez [mailto:[EMAIL PROTECTED] 
Sent: Sunday, March 18, 2007 7:21 AM
To: axis-user@ws.apache.org
Subject: RE: An unsupported token was provided (Problem with SKI information: 
Support for RSA key only)


Hi Luis,

I'm unsure but maybe the problem is the algorithm with which you generate the 
keystore. Default algorithm is DSA and as your error seems to say: Support for 
RSA key only as it is really. So I think if you add  -keyalg RSA option to the 
command to generate the keystore, this problem will dissapear.

This is a tutorial about how keytool works:

http://publib.boulder.ibm.com/html/as400/v5r1/ic2931/index.htm?info/rzaha/keytool.htm

Regards,

Jorge Fernández




"Diaz, Luis (GE Comm Fin, non-ge)" <[EMAIL PROTECTED]> escribió: 

        Hello, As you can see I'm new to  Axis2, with rampart to Encrypt a 
Service. 
        I'm trying to use the Axis2, with rampart Im getting the following 
error: 
        WSHandler: Signature: error during message 
procesingorg.apache.ws.security.WSSecurityException: An unsupported token was 
provided (Problem with SKI information: Support for RSA key only) , does any 
one has a clue on it or a better way to generate a key and/or Encrypt a Service?
        This is a link to a sample im doing  sample to Encrypt 
(http://www-128.ibm.com/developerworks/edu/ws-dw-ws-understand-web-services4.html?S_TACT=105AGX52&S_CMP=cn-t-ws
 
<http://www-128.ibm.com/developerworks/edu/ws-dw-ws-understand-web-services4.html?S_TACT=105AGX52&S_CMP=cn-t-ws>
 )
        My key was generated as follows 
        keytool -genkey -keystore mykeys.jks -alias gene 
        -- 
        C:\sign>keytool -genkey -keystore mykeys.jks -alias gene 
        Enter keystore password:  password 
        What is your first and last name? 
          [Unknown]:  Gene Telluride 
        What is the name of your organizational unit? 
          [Unknown]:  Information technologies 
        What is the name of your organization? 
          [Unknown]:  The Daily Moon 
        What is the name of your City or Locality? 
          [Unknown]:  NY 
        What is the name of your State or Province? 
          [Unknown]:  US 
        What is the two-letter country code for this unit? 
          [Unknown]:  US 
        Is CN=Gene Telluride, OU=Information technologies, O=The Daily Moon, 
L=NY, ST=US, C=US correct? 
          [no]:  yes 
        Enter key password for <gene> 
                (RETURN if same as keystore password):password 
        -- 
          
        The following is my security properties file: 
        
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
 
        org.apache.ws.security.crypto.merlin.keystore.type=jks 
        org.apache.ws.security.crypto.merlin.keystore.password=password 
        org.apache.ws.security.crypto.merlin.file=mykeys.jks 
        This is part of my axis code Client code: (Axis2.xml) 
         <module ref="rampart"/> 
            
            <parameter name="OutflowSecurity"> 
              <action> 
                <items>Timestamp Signature</items> 
                <user>gene</user> 
                <passwordCallbackClass>PWCallback</passwordCallbackClass> 
                <signaturePropFile>security.properties</signaturePropFile> 
                
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> 
                
<signatureParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
              </action> 
            </parameter> 
            <parameter name="InflowSecurity"> 
              <action> 
                <items>Timestamp Signature Encrypt</items> 
                <user>gene</user> 
                <passwordCallbackClass>PWCallback</passwordCallbackClass> 
                <signaturePropFile>security.properties</signaturePropFile> 
                
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> 
                
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> 
                <encryptionUser>gene</encryptionUser> 
                
<signatureParts>{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body</signatureParts>
 
                
<optimizeParts>//xenc:EncryptedData/xenc:CipherValue/xenc:CipherData</optimizeParts>
 
              </action> 
            </parameter> 
        Server: (Services.xml) 

            <parameter name="InflowSecurity"> 
               <action> 
                    <items>Timestamp Signature</items> 
                    <passwordCallbackClass>PWCallback</passwordCallbackClass> 
                    <signaturePropFile>security.properties</signaturePropFile> 
               </action> 
            </parameter> 
            <parameter name="OutflowSecurity"> 
              <action> 
                <items>Timestamp Signature Encrypt</items> 
                <user>gene</user> 
                <passwordCallbackClass>PWCallback</passwordCallbackClass> 
                <signaturePropFile>security.properties</signaturePropFile> 
                
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> 
                
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> 
                <encryptionUser>bob</encryptionUser> 
                
<signatureParts>{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body</signatureParts>
 
                
<optimizeParts>//xenc:EncryptedData/xenc:CipherValue/xenc:CipherData</optimizeParts>
 
               </action> 
            </parameter> 


________________________________


LLama Gratis a cualquier PC del Mundo.
Llamadas a fijos y móviles desde 1 céntimo por minuto.
http://es.voice.yahoo.com 
<http://us.rd.yahoo.com/mail/es/tagline/messenger/*http://es.voice.yahoo.com/> 

Reply via email to