Forum Discussion

Anonymous's avatar
Anonymous
9 years ago

Caused by: org.apache.ws.security.WSSecurityException: Cannot find key for alias: [myclientkey]

I generate key files with keytools command like below,

 

> keytool -genkey -keyalg RSA -sigalg SHA1withRSA -validity 730 -alias myservicekey –keypass serviceprikeypasswd -storepass servicepubpasswd -keystore serviceKeystore.jks -dname "cn=localhost"

> keytool  -genkey -keyalg RSA -sigalg SHA1withRSA –validity 730  -alias myclientkey -keypass clientprikeypasswd -storepass clientpubpasswd -keystore clientKeystore.jks –dname "cn=clientuser"

> keytool -export -rfc -keystore clientKeystore.jks -storepass clientpubpasswd -alias myclientkey –file MyClient.cer 

> keytool -export -rfc -keystore serviceKeystore.jks –storepass servicepubpasswd  -alias myservicekey -file MyService.cer

> keytool -import -trustcacerts -keystore serviceKeystore.jks –storepass servicepubpasswd –alias myclientkey -file MyClient.cer -noprompt

> keytool -import -trustcacerts -keystore clientKeystore.jks -storepass clientpubpasswd –alias myservicekey -file MyService.cer -noprompt

These keys are used in SOAP web service deployment in wildfly 8.2.1 application server. Deployment is successful. However in soapui 5.2.1 application these keys does not work. Following exceptions are thrown,

 

Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:163) [wss4j-1.6.17.jar:1.6.17]
    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:66) [wss4j-1.6.17.jar:1.6.17]
    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402) [wss4j-1.6.17.jar:1.6.17]
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:272) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
    ... 40 more
Caused by: org.apache.ws.security.WSSecurityException: Cannot find key for alias: [myclientkey]
    at org.apache.ws.security.components.crypto.Merlin.getPrivateKey(Merlin.java:651) [wss4j-1.6.17.jar:1.6.17]
    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:142) [wss4j-1.6.17.jar:1.6.17]
    ... 43 more

And SOAP fault message is

<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:FailedCheck</faultcode>
<faultstring>The signature or decryption was invalid</faultstring>

Do you have any idea about these exceptions? Does soapui have another option to solve this issue? Pls, inform me how to solve this issue. Thanks

  • Anonymous's avatar
    Anonymous

    Pls, inform me the meaning of this exception statement "ERROR [org.apache.ws.security.components.crypto.Merlin] (default task-44) Cannot find key for alias: [myclientkey] in keystore of type [jks] from provider [SUN version 1.8] with size [2] and aliases: {myservicekey, myclientkey}" and how to solve it.