axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "João Luís Pinto" <>
Subject Supply certificate, useReqSigCert and WS-Policy
Date Mon, 30 Jul 2007 19:29:01 GMT
Hello all,

I'm trying to develop a ws that requires timestamping, signing and
encryption on input and provides them symmetrically on the output.

The client holds in his keystore its key and certificate, the CA
(homemade) certificate and the certificate of the service.

The service holds its key and certificate and the certificate of the
CA, and is configured to use the request certificate to encrypt the
reply by setting useReqSigCert in the rampart configuration in the
policy file. Policy is being used both in the client and on the

Password callback handlers are in place on both sides.

In the start I was setting:

<sp:MustSupportRefKeyIdentifier />
<sp:MustSupportRefIssuerSerial />

in the policy file, and getting from the service:

org.apache.axis2.AxisFault: General security error (Unexpected number
of X509Data: for decryption (KeyId))

Even though the problem seems to be on decryption, I tried (following and replaced
policy with:

<sp:MustSupportRefEmbeddedToken />

I'm now getting

org.apache.axis2.AxisFault: General security error (WSSecurityEngine:
Callback supplied no password for: null)

Any idea on what I'm doing wrong/missing?

Small Brother -

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message