[
https://issues.apache.org/jira/browse/RAMPART-226?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12973533#action_12973533
]
Thilina Buddhika edited comment on RAMPART-226 at 12/21/10 5:38 AM:
--------------------------------------------------------------------
Hi Amul,
Please note that parameter based configuration is deprecated currently.
As a work around, you can write a custom implementation and plug it through the
module.xml and use it instead of the default WSDoAllReceiver class. In your
implementation, you will have to override the verifyTrust() method inherited
from the WSHandler class in WSS4J.
Thanks,
Thilina
was (Author: thilinamb):
Hi Amul,
You can write a custom implementation and plug it through the module.xml and
use it instead of the default WSDoAllReceiver class. In your implementation,
you will have to override the verifyTrust() method inherited from the WSHandler
class in WSS4J.
Thanks,
Thilina
> The certificate used for the signature is not trusted
> -----------------------------------------------------
>
> Key: RAMPART-226
> URL: https://issues.apache.org/jira/browse/RAMPART-226
> Project: Rampart
> Issue Type: Question
> Components: rampart-core
> Affects Versions: 1.4
> Environment: IBM Websphere 6.1
> Solaris 10
> Axis2 1.4.1
> Rampart 1.4
> Reporter: Amulkumar Patel
> Assignee: Ruchith Udayanga Fernando
> Priority: Critical
> Fix For: NextVersion
>
>
> - Here is brief summary of installation
> - We installed IBM websphere 6 on solaria 10 box. We are on axis2 1.4.1 and
> rampart 1.4.
> - We generated X509 certs using openssl and got the public key from trusted
> authority.
> - Both service and client certs looks ok.
> - We used Timestamp, Encrypt and Signature options in service.xml
> - When client request sent to server, it decrypts successfully and validates
> signature successfully but after than it failed saying certificate is not
> trusted.
> Here is stack of error. Please take a look at and let me know if you have any
> idea why it is happening:
> 2009-04-21 18:01:19,187 [WebContainer : 0] ERROR
> org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: The certificate used
> for the signature is not trusted
> org.apache.axis2.AxisFault: WSDoAllReceiver: The certificate used for the
> signature is not trusted
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:292)
> at
> org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
> at
> org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
> com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989)
> at
> com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501)
> at
> com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464)
> at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276)
> at
> com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267)
> at
> com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
> at
> com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455)
> at
> com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113)
> at
> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)
> at
> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)
> at
> com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:263)
> at
> com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
> at
> com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
> at
> com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
> at
> com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
> at
> com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
> at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
> at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
> at
> com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
> at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
> at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469)
> --- Used following properties for validatio
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
