Error when testing webservice (JBoss 5) using ws-security (x509v3)
Hi,
I have a a web-service that I like to test by soapUI. The service is deployed on jboss5 and is encrypted by ws-security.
A client exists, developed in Java (using jboss client libraries), to this web-service. The client can successfully invoke the service.
I can successfully test the service by soapUI if ws-security is disable but not if it isn’t, my question is if you know what I’m doing wrong.
The webservice and the corresponding client was created following the instructions in the book ‘Jboss in action’. I have done the following:
1. Generate certificate: The client and server certificate and public key was generated using java keytool. The server and client public key was exported and added to client and server keystore, respectively. Accoring to:
keytool -genkey -alias server -keyalg RSA -keystore server.keystore
keytool -genkey -alias client -keyalg RSA -keystore client.keystore
keytool -export -alias server -keystore server.keystore -file server_pub.key
keytool -export -alias client -keystore client.keystore -file client_pub.key
keytool -import -alias client -keystore server.keystore -file client_pub.key
keytool -import -alias server -keystore client.keystore -file server_pub.key
2. Configuration of client and server: encryption type is defined as x509v3
soapUI (3.0.1):
I have done the following in soapUI:
1. Added Keystore. I added server as default alias while this contains the server public certificate. I didn’t add a password while this alias didn’t contain any private certificate.
2. Outgoing WS-security configurations:
a. Alias is server while we need the server public key
b. Key identifier type is X509 certificate.
c. I did not provide a password, while the alias don’t contain any private key.
3. When running this configuration I get the following response: "an internal ws-security error occurred"
The error log on Jboss describe the following:
org.jboss.ws.extensions.security.exception.WSSecurityException: Currently only SubjectKeyIdentifiers are supported, was passed: http://docs.oasis-open.org/wss/2004/01/ ... 1.0#X509v3
I tried to use other configurations of the Key Identifier type but also these failed.
See attached document for SOAP requests sent by soapUI and Java client.
Best regards
Michael
I have a a web-service that I like to test by soapUI. The service is deployed on jboss5 and is encrypted by ws-security.
A client exists, developed in Java (using jboss client libraries), to this web-service. The client can successfully invoke the service.
I can successfully test the service by soapUI if ws-security is disable but not if it isn’t, my question is if you know what I’m doing wrong.
The webservice and the corresponding client was created following the instructions in the book ‘Jboss in action’. I have done the following:
1. Generate certificate: The client and server certificate and public key was generated using java keytool. The server and client public key was exported and added to client and server keystore, respectively. Accoring to:
keytool -genkey -alias server -keyalg RSA -keystore server.keystore
keytool -genkey -alias client -keyalg RSA -keystore client.keystore
keytool -export -alias server -keystore server.keystore -file server_pub.key
keytool -export -alias client -keystore client.keystore -file client_pub.key
keytool -import -alias client -keystore server.keystore -file client_pub.key
keytool -import -alias server -keystore client.keystore -file server_pub.key
2. Configuration of client and server: encryption type is defined as x509v3
soapUI (3.0.1):
I have done the following in soapUI:
1. Added Keystore. I added server as default alias while this contains the server public certificate. I didn’t add a password while this alias didn’t contain any private certificate.
2. Outgoing WS-security configurations:
a. Alias is server while we need the server public key
b. Key identifier type is X509 certificate.
c. I did not provide a password, while the alias don’t contain any private key.
3. When running this configuration I get the following response: "an internal ws-security error occurred"
The error log on Jboss describe the following:
org.jboss.ws.extensions.security.exception.WSSecurityException: Currently only SubjectKeyIdentifiers are supported, was passed: http://docs.oasis-open.org/wss/2004/01/ ... 1.0#X509v3
I tried to use other configurations of the Key Identifier type but also these failed.
See attached document for SOAP requests sent by soapUI and Java client.
Best regards
Michael
.