Hi,
I'm using CXF and WSS4J to develop consumers and providers that exchange
signed soap messages.
Signing the body and timestamp elements works just fine. However, I also
need to sign the x509 certificate that is included in the security header
(using the direct reference strategy).
Below
jbendsen wrote:
Hi,
I'm using CXF and WSS4J to develop consumers and providers that exchange
signed soap messages.
Signing the body and timestamp elements works just fine. However, I also
need to sign the x509 certificate that is included in the security header
(using the direct reference
You're trying to sign an element (BST containing the certificate)
that hasn't been created yet.
This is a bit of an odd use-case -- typically, you'd sign the body of
the message with the private key associated with the public key in
the certificate you are sending, and then do some kin dof