Thanks Nitin, you were right. The problem was solely that word (keystore) at the crypto.properties entry.
Thanks a lot for your support. Alex 2009/8/17 Nitin Handa <nitin.ha...@oracle.com> > JKS and environment is perfectly fine.. > > I see your crypto.properties file is not something I am using.. > > For me this is working fine- > > > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=welcome1 > org.apache.ws.security.crypto.merlin.file=default-keystore.jks > > > Please note the difference in the way i mentioned keystore file.. > my - org.apache.ws.security.crypto.merlin.file=default-keystore.jks > your - org.apache.ws.security.crypto.merlin.*keystore*.file=privkeystore > > Thanks > Nitin > > > Alexandre Veloso de Matos wrote: > >> Hi NItin, >> >> I tried to copy both privkeystore and crypto.properties to >> WEB-INF/classes. And I also checked my keystore and as you can see bellow, >> this has both the private key and trusted certificate. >> >> Even with these two attempts the same exception is *thrown*. >> >> I suspect that there is some limitation on the type of keystore I'm using >> (jks) and the deployment environment (wss4j-1.5.7 + tomcat + axis1.4) - am >> I right ? >> >> Thanks for your help Nitin. I'll be very grateful for any support. >> >> Best regards, >> >> Alex >> >> ************************my privkeystore >> ------------------------------------------------------------------------------ >> Keystore type: JKS >> Keystore provider: SUN >> >> Your keystore contains 2 entries >> >> Alias name: privkey >> Creation date: 17/Ago/2009 >> Entry type: PrivateKeyEntry >> Certificate chain length: 1 >> Certificate[1]: >> Owner: CN=privkey >> Issuer: CN=privkey >> Serial number: 4a892d57 >> Valid from: Mon Aug 17 11:13:43 WEST 2009 until: Sun Nov 15 10:13:43 WET >> 2009 >> Certificate fingerprints: >> MD5: 73:C3:F4:BA:7E:54:E1:4E:2F:1A:B3:4A:60:92:C9:56 >> SHA1: CE:CE:D9:0A:ED:47:34:70:5D:10:A3:2C:00:6B:8E:84:70:64:44:13 >> Signature algorithm name: SHA1withDSA >> Version: 3 >> >> >> ******************************************* >> ******************************************* >> >> >> Alias name: pubcert >> Creation date: 17/Ago/2009 >> Entry type: trustedCertEntry >> >> Owner: CN=pubcert >> Issuer: CN=pubcert >> Serial number: 4a892d58 >> Valid from: Mon Aug 17 11:13:44 WEST 2009 until: Sun Nov 15 10:13:44 WET >> 2009 >> Certificate fingerprints: >> MD5: 51:34:C6:D8:8D:27:9B:EB:35:8C:47:EE:AD:B8:A1:05 >> SHA1: 89:C2:CC:BF:F2:31:87:20:E7:AB:14:16:8B:B1:BE:8B:58:9A:D0:64 >> Signature algorithm name: SHA1withDSA >> Version: 3 >> >> >> ******************************************* >> ******************************************* >> >> >> 2009/8/17 Nitin Handa <nitin.ha...@oracle.com <mailto: >> nitin.ha...@oracle.com>> >> >> >> Try copying your keystore and cryptp.properties to your >> WEB-INF/classes folder. >> >> Other thing to check out is your privkey should also have >> certificates in keystore apart from private key. >> >> HTH, >> Nitin >> >> >> >> Alexandre Veloso de Matos wrote: >> >> Dear all, >> >> I suppose this a question already addressed before. However, >> even with the help of former responses I couldn't achieve an >> answer to my problem. >> >> I have a web service. I want to sign any call to this web >> service. For this I provided a keystore from where public and >> private keys should be gathered. In fact, I tried to follow >> the guidelines from this tutorial: >> http://www.devx.com/Java/Article/28816/1954?pf=true. >> >> I've been receiving constantly the following exception: >> >> org.apache.ws.security.WSSecurityException: Error during >> Signature: ; nested exception is: >> org.apache.ws.security.WSSecurityException: General >> security error (No certificates for user privkey were found >> for signature)nothing >> at >> >> >> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) >> at >> >> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:201) >> at >> >> org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) >> at >> >> >> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) >> at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) >> at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) >> at >> org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) >> at org.apache.axis.client.Call.invokeEngine(Call.java:2784) >> at org.apache.axis.client.Call.invoke(Call.java:2767) >> at org.apache.axis.client.Call.invoke(Call.java:2443) >> at org.apache.axis.client.Call.invoke(Call.java:2366) >> at org.apache.axis.client.Call.invoke(Call.java:1812) >> at wss.client.PubCertClient.main(PubCertClient.java:57) >> Caused by: org.apache.ws.security.WSSecurityException: General >> security error (No certificates for user privkey were found >> for signature) >> at >> >> >> org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:311) >> at >> >> org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:748) >> at >> >> >> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) >> ... 12 more >> >> In order to clarify, my client deployment is guided by the >> following: >> >> <deployment name="ClientConfig" >> xmlns="http://xml.apache.org/axis/wsdd/" >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> >> <transport name="http" >> pivot="java:org.apache.axis.transport.http.HTTPSender"/> >> <globalConfiguration > >> <requestFlow> >> <handler >> type="java:org.apache.ws.axis.security.WSDoAllSender" > >> <parameter name="user" value="privkey"/> >> <parameter name="passwordCallbackClass" >> value="wss.client.PWCallback"/> >> <parameter name="action" value="Signature Encrypt"/> >> <parameter name="signaturePropFile" >> value="crypto.properties" /> >> </handler> >> </requestFlow> >> </globalConfiguration > >> </deployment> >> >> and the server deployment descriptor is the following: >> >> <deployment >> xmlns="http://xml.apache.org/axis/wsdd/" >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> >> >> <!-- Services from SignService WSDL service --> >> >> <service name="wss_service" provider="java:RPC" style="rpc" >> use="encoded"> >> <requestFlow> >> <handler >> type="java:org.apache.ws.axis.security.WSDoAllReceiver"> >> <parameter name="passwordCallbackClass" >> value="wss.server.PWCallback"/> >> <parameter name="action" value="Signature Encrypt"/> >> <parameter name="signaturePropFile" >> value="crypto.properties" /> >> </handler> >> </requestFlow> <parameter name="wsdlTargetNamespace" >> value="urn:wss"/> >> <parameter name="wsdlServiceElement" value="SignService"/> >> <parameter name="wsdlServicePort" value="wss_service"/> >> <parameter name="className" >> value="wss.ws.Wss_serviceSoapBindingImpl"/> >> <parameter name="wsdlPortType" value="Sign"/> >> <parameter name="typeMappingVersion" value="1.2"/> >> <operation name="getPubCert" qname="operNS:getPubCert" >> xmlns:operNS="urn:wss" returnQName="getPubCertReturn" >> returnType="rtns:string" >> xmlns:rtns="http://schemas.xmlsoap.org/soap/encoding/" >> soapAction="" > >> </operation> >> <parameter name="allowedMethods" value="getPubCert"/> >> <parameter name="scope" value="Session"/> >> >> </service> >> </deployment> >> >> And my crypto.properties file: >> >> >> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin >> org.apache.ws.security.crypto.merlin.keystore.type=jks >> org.apache.ws.security.crypto.merlin.keystore.password=foobar >> org.apache.ws.security.crypto.merlin.alias.password=foobar >> org.apache.ws.security.crypto.merlin.keystore.alias=privkey >> org.apache.ws.security.crypto.merlin.keystore.file=privkeystore >> >> My latter attempts to bypass these exceptions: >> 1) privkeystore path is on classpath >> 2) there is a callback that returns the password for the alias >> privkey (foobar) >> 3) the crypto.properties is also on classpath >> >> Thanks for any clue on what could be happening. >> >> Best regards, >> >> Alex >> >> >> -- Alexandre Veloso de Matos >> Phd Student - Informatics Engineering Department >> University of Coimbra - Coimbra, Portugal >> >> >> >> >> >> -- >> Alexandre Veloso de Matos >> Phd Student - Informatics Engineering Department >> University of Coimbra - Coimbra, Portugal >> > > -- Alexandre Veloso de Matos Phd Student - Informatics Engineering Department University of Coimbra - Coimbra, Portugal