Problem while decrypting soap message

[Pramod Pawar]

Hi Werner,   I am using WSS4J and I have created my java key store using key tool java. I am successfully able to sign and verify soap messages. I am also able to encrypt the soap message using the same key store, but my service is not able to decrypt the soap message. It’s showing error message as mentioned below,           org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data;  nested exception is:         java.lang.Exception: Cannot find key for alias: tomcat  faultActor:  faultNode:  faultDetail:         {http://xml.apache.org/axis/}hostname:ppawardev   WSDoAllReceiver: security processing failed; nested exception is:         org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data;  nested exception is:         java.lang.Exception: Cannot find key for alias: tomcat         at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)     Is there anything that I am missing while creating the keystore? Please find the steps below that I have followed for creating the keystores   echo Generating the Server KeyStore in file server.keystore "%java_home%\bin\keytool" -genkey -alias tomcat-sv -dname "CN=localhost, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore   echo Exporting the certificate from keystore to an external file server.cer "%java_home%\bin\keytool" -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore   echo Generating the Client KeyStore in file client.keystore "%java_home%\bin\keytool" -genkey -alias tomcat-cl -dname "CN=Client, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore   echo Exporting the certificate from keystore to external file client.cer "%java_home%\bin\keytool" -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore   echo Importing Client's certificate into Server's keystore "%java_home%\bin\keytool" -import -v -trustcacerts -alias tomcat -file server.cer -keystore client.keystore -keypass changeit -storepass changeit   echo Importing Server's certificate into Client's keystore "%java_home%\bin\keytool" -import -v -trustcacerts -alias tomcat -file client.cer -keystore server.keystore -keypass changeit -storepass changeit     Please advice.   Thanks – Pramod