Help(urgent) : My Keypair did not work for wss4j project (wss4j\interop example)

[Elilvannan Nagarajah]

Hi all,        I tried to use the wss4j project for adding security for my web services. For my web service I want to add signature and encryption type of security.  First I tested the interop example (tested with 'bob' and 'alice' entries) in the wss4j project. That works fine.                Then I tried to create my key store (using keytool) and generated 2 keypairs one for server and one for client. I configured correctly all properties ( I replace the entries ‘bob’ and ‘alice’ with my own aliases name ‘affnoserver’ and ‘affnoclinet’). But for my case client side is working fine (encrypt the request and sign and send) but in the serverside I got an exception (when decrypting).   This is the exception trace ----   org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is:         java.security.UnrecoverableKeyException: Cannot recover key         at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:268)         at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte dKey(EncryptedKeyProcessor.java:81)         at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En cryptedKeyProcessor.java:75)         at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur ityEngine.java:252)         at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur ityEngine.java:179)         at org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.ja va:159)          this is my key store :       Keystore type: jks Keystore provider: SUN   Your keystore contains 2 entries   Alias name: affnoserver Creation date: Dec 2, 2005 Entry type: keyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=affnoserver, OU=affno, O=eng, L=col, ST=col, C=sl Issuer: CN=affnoserver, OU=affno, O=eng, L=col, ST=col, C=sl Serial number: 43900be2 Valid from: Fri Dec 02 14:54:58 LKT 2005 until: Thu Mar 02 14:54:58 LKT 2006 Certificate fingerprints:          MD5:  23:92:DD:B9:D5:CA:66:5B:AD:92:27:0E:48:11:8C:75          SHA1: AB:13:03:92:32:FD:EA:51:DE:DD:9E:7C:DD:90:DD:35:96:52:25:08     ******************************************* *******************************************     Alias name: affnoclient Creation date: Dec 2, 2005 Entry type: keyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=affnoclient, OU=affno, O=eng, L=col, ST=col, C=SL Issuer: CN=affnoclient, OU=affno, O=eng, L=col, ST=col, C=SL Serial number: 43904844 Valid from: Fri Dec 02 19:12:36 LKT 2005 until: Thu Mar 02 19:12:36 LKT 2006 Certificate fingerprints:          MD5:  B3:76:5E:F5:81:1A:80:9E:0A:9A:FA:A3:36:8E:D7:C3          SHA1: 51:D7:04:8F:4C:5D:4F:F9:21:B0:41:B3:58:8B:E9:FB:FA:98:6A:D2     ******************************************* *******************************************   I used following commands for creating this key store.   keytool -genkey -keyalg RSA -alias affnoserver -keystore affnoserver.jks   -keypass XXXXXXX  -storepass password   keytool -genkey -keyalg RSA -alias affnoclient -keystore affnoserver.jks   -keypass XXXXXXX  -storepass password     Should I use some other commands to create this key store (like openssl or PKCS12 format ...)   Please anybody can help me how to create my own keystore and keypairs for this wss4j project?     Thanks and best regards, N.Elilvannan