I followed the instructions from the web file HowToGenerateKeysREADME.html. Here are the steps
keytool -genkeypair -validity 730 -alias tazouxmeidp -keystore D:\Certificates\tazouxme\tazouxme-idp-tomcat.jks -dname "cn=localhost" -keypass tompass -storepass tompass -keysize 2048 -keyalg RSA keytool -keystore D:\Certificates\tazouxme\tazouxme-idp-tomcat.jks -storepass tompass -export -alias tazouxmeidp -file D:\Certificates\tazouxme\tazouxmeidp.crt keytool -genkeypair -validity 730 -alias tazouxmerp -keystore D:\Certificates\tazouxme\tazouxme-rp-tomcat.jks -dname "cn=localhost" -keypass tompass -storepass tompass -keysize 2048 -keyalg RSA keytool -keystore D:\Certificates\tazouxme\tazouxme-rp-tomcat.jks -storepass tompass -export -alias tazouxmerp -file D:\Certificates\tazouxme\tazouxmerp.crt keytool -import -trustcacerts -keystore D:\Certificates\tazouxme\tazouxme-idp-trust.jks -storepass ispass -alias tazouxmeidp -file D:\Certificates\tazouxme\tazouxmeidp.crt -noprompt keytool -genkeypair -keyalg RSA -validity 3600 -alias tazouxme -keystore D:\Certificates\tazouxme\tazouxme.jks -dname "cn=TAZOUXME" -keypass tazouxme -storepass storepass -keysize 2048 keytool -export -rfc -keystore D:\Certificates\tazouxme\tazouxme.jks -storepass storepass -alias tazouxme -file D:\Certificates\tazouxme\tazouxme.crt keytool -import -trustcacerts -keystore D:\Certificates\tazouxme\tazouxme-trust.jks -storepass storepass -alias tazouxme -file D:\Certificates\tazouxme\tazouxme.crt -noprompt keytool -import -trustcacerts -keystore D:\Certificates\tazouxme\tazouxme-trust.jks -storepass storepass -alias tazouxmerp -file D:\Certificates\tazouxme\tazouxmerp.crt -noprompt And I finally added the *.crt in JRE cacerts to make it work. In the <http:conduit> are present - tazouxme-idp-tomcat.jks in <keyManagers> - tazouxme-idp-trust.jks in <trustManagers> In IDP tomcat I set - tazouxme-idp-tomcat.jks - tazouxme-idp-trust.jks In RP tomcat I set - tazouxme-rp-tomcat.jks In IDP Webapp I put - tazouxme-idp-tomcat.jks - tazouxme-idp-trust.jks - tazouxme.jks In STS Webapp I put - tazouxme.jks - tazouxme-trust.jks So finally in the RP Webapp is present - tazouxme-trust.jks So here you have all aliases and passwords needed to test. If it works then my complete IdP is bugged and I will have to rebuild it... Joël -- View this message in context: http://cxf.547215.n5.nabble.com/Sorry-CXF-Fediz-IDP-cannot-satisfy-your-request-tp5760366p5760467.html Sent from the cxf-user mailing list archive at Nabble.com.
