camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Newcomb <>
Subject Re: XMLSecurity key recovery fails when keystore and key use different passwords
Date Wed, 29 Aug 2012 05:16:41 GMT
Quick follow up.  I went ahead and created the patch to enable a
"keyPassword" to be specified.  In the patch, the key password will only be
used to retrieve a private key during the unmarshal action.

For example:



I'm not sure if the patch will be accepted straight away, but feel free to
give it a try and provide comments as useful.


On Tue, Aug 28, 2012 at 10:49 PM, Rich Newcomb <>wrote:

> Hi Dominik,
> The example you provided is a little bit confusing.  The PUBLIC key of the
> recipient is applied for asymmetric encryption.  So, there no need to
> access a password-protected key when the data is being marshalled.
>  However, the recipient will use a PRIVATE key from a key store to decrypt
> / unmarshall the message.
> It is possible that the private key could have a password that is
> different than the keystore password.  That feature is not currently
> supported, but in my opinion it should be.
> I created a ticket for this:
> I'll try to have a look at this in the next several days.
> -Rich
> On Tue, Aug 28, 2012 at 6:18 PM, ychawla <>wrote:
>> Hi Dominik,
>> I think this is the default behavior in Java.  Whenever I work with
>> keystores, the keystore password must match the key password.
>> This could be due to the KeyManagerFactory implementation:
>> It only allows for a single password.
>> Thanks,
>> Yogesh
>> --
>> View this message in context:
>> Sent from the Camel - Users mailing list archive at

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message