Thanks for the reply and your advice.
I used setUserInfo() and this worked (well, it threw another exception, but not the same one as before), so this looks like this issue has been fixed. It's strange that you have to set the alias twice though, so I did a quick test. You can leave 'keystore.alias' and 'alias.password' blank in crypto.properties and this still works. I'd rather set it all in one place though...
Thanks for the links and reference to xmlsec - I'll check them out.
Ed.
On 09/08/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
Hi Ed,
What is the alias of your private key? This should be available in the keystore.
You have to set the private key alias along with its password in the
WSSecSignature instance, as shown below:
wsSecSignature.setUserInfo("privateKeyAlias", "privateKeyPasswd");
BTW if you want to encrypt/sign POX then you can directly use the
XML-Sec library. Also you can find a detailed tutorial on setting up
keystores for a typical service and a client here [1].
Thanks,
Ruchith
[1] http://www.wso2.net/tutorials/wss4j/2006/06/15/setting-up-keystores
On 8/9/06, Ed Sweet <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Sorry if this is the wrong place to post a newbie question regarding the
> setup of WSS4J - please direct me to a users list rather than dev list if
> one exists.
>
> I'd like to use WSS4J to sign and encrypt POX messages, I'm not using Axis
> or SOAP. So I'm just getting into WSS4J and am trying to set up a keystore as
> required by crypto.properties. I've used the procedure at the end of the
> email to create a jks keystore, as this is the procedure I use to create a
> working keystore for Tomcat (I guess it's the same procedure...)
>
> Then, I've written a simple app to sign a static xml string, that goes
> something like this:
>
> // setup
> Crypto crypto = CryptoFactory.getInstance();
> Document doc = ...
>
> // sign document
> WSSecSignature wsSecSignature = new WSSecSignature();
> Document signed = wsSecSignature.build(doc, crypto, new WSSecHeader());
>
> When I run this, I get the following exception:
>
> Exception in thread "main" java.lang.NullPointerException
>     at sun.security.provider.JavaKeyStore$JKS.convertAlias(JavaKeyStore.java:40)
>     at sun.security.provider.JavaKeyStore.engineGetCertificateChain(JavaKeyStore.java:135)
>     at java.security.KeyStore.getCertificateChain(KeyStore.java:756)
>     at org.apache.ws.security.components.crypto.AbstractCrypto.getCertificates(AbstractCrypto.java:407)
>     at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:272)
>     at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:643)
>     at test.Test.main(Test.java:xxx)
>
> The NullPointerException when trying to 'convertAlias' seems to imply
> there's something wrong with the keystore. The alias in the keystore and the
> crypto.properties file match, so I'm stumped.
>
> I'm very grateful for any help/advice you can offer. If this is a
> stupid/basic question then I apologise in advance.
>
> Thanks,
>
> Ed.
>
> ====================
>
> Keystore procedure:
>
> 1) From a .pem format key, cert and CA cert, create the keystore:
>
> openssl pkcs12 -export -in cert.pem -inkey key.pem \
> -out store.p12 -name myAlias -CAfile cacrt.pem -caname root -chain
>
> 2) Convert the .p12 keystore to .jks format using:
>
> org.mortbay.util.PKCS12Import store.p12 store.jks
>
> 3) Add the CA cert as a trusted CA cert.
>
> keytool -import -trustcacerts -alias "CA Cert" -file cacrt.pem -keystore store.jks
>
>
--
www.ruchith.org
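
A keystore check related to the thread above, as an added example that is not part of any message in it and is not WSS4J code: it uses only the JDK's java.security.KeyStore to confirm that the alias later passed to setUserInfo() is a private-key entry with a certificate chain. The class name KeystoreAliasCheck and its command-line arguments are hypothetical; the keystore is assumed to be a JKS file such as the store.jks produced by the procedure in the original post.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Collections;

// Added diagnostic (hypothetical helper, not from the thread or from WSS4J).
public class KeystoreAliasCheck {

    // Returns null when the alias is usable for signing, otherwise the reason it is not.
    static String check(KeyStore ks, String alias, char[] keyPassword) throws Exception {
        if (alias == null || alias.isEmpty()) {
            // A missing alias is consistent with the NullPointerException in the trace.
            return "no alias supplied";
        }
        if (!ks.containsAlias(alias)) {
            return "alias not found; keystore contains " + Collections.list(ks.aliases());
        }
        if (!ks.isKeyEntry(alias)) {
            return "alias is a trusted-certificate entry, not a private-key entry";
        }
        Certificate[] chain = ks.getCertificateChain(alias);
        if (chain == null || chain.length == 0) {
            return "key entry has no certificate chain";
        }
        try {
            return ks.getKey(alias, keyPassword) == null ? "no key under alias" : null;
        } catch (UnrecoverableKeyException e) {
            return "key password does not open the private key";
        }
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 2 || console == null) {
            System.err.println("usage (interactive terminal): java KeystoreAliasCheck <store.jks> <alias>");
            System.exit(2);
        }
        // Prompt for passwords so they stay out of the process list and shell history.
        char[] storePass = console.readPassword("Keystore password: ");
        char[] keyPass = console.readPassword("Key password for '%s': ", args[1]);
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, storePass);
        }
        String problem = check(ks, args[1], keyPass);
        System.out.println(problem == null ? "OK: alias usable for signing" : "FAIL: " + problem);
        System.exit(problem == null ? 0 : 1);
    }
}
```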
