On Thursday 25 March 2010 3:39:34 pm Remijan, Michael wrote: > >> Are you sure you are using the right keys? > > I've made every effort to verify this. The 3rd party company publishing > the Web Service sent me the public certificate they have. I have compared > that public certificate to the one generated out of my keystore. The two > matched. I'm fairly confident the right keys are being used, though even > though I received the public certificate from the 3rd party company I > cannot guarantee it is being used properly. > > >> Any chance of capturing the raw "on the wire" messages from both a CXF > >> client as well as WebLogic (or other working client) to see comparisons? > > Yes, I have done this. I compared the output from my CXF client to what > appears in the Web Service log files. They are identical. Furthermore, a > small signature verification program I wrote can successfully verify the > output from my CXF client as well as what appears in the Web Service log > files. If you wish to see them that's OK but I'd prefer to not send them > over the mailing list.
If your sig verification thing works, then I would say it's a problem on the other side. -- Daniel Kulp [email protected] http://dankulp.com/blog
