Forum Discussion

IanWatson92's avatar
IanWatson92
Occasional Contributor
11 years ago

SecretKey not supported due to JCEKS keystores not supported

Hello, I am trying to implement Outoing WS-Security to comply with the OWSM "oracle/wss11_username_token_with_message_protection_service_policy" which requires the Signature algorithm of "http://ww...
PiotrG's avatar
PiotrG
Occasional Contributor

What is current ETA?

makix13's avatar
makix13
Frequent Visitor
8 years ago

Hi,

I'm currently with same issue.

My SOAPUI Version is the free one 5.3.0.

Each time I try to configure a jceks with a secret key (for hmac signature):

  • Wed Apr 19 19:34:22 CEST 2017:ERROR:Could not load keystore/truststore
  • Wed Apr 19 19:34:22 CEST 2017:ERROR:java.lang.ClassCastException: javax.crypto.spec.SecretKeySpec cannot be cast to java.security.PrivateKey
  • java.lang.ClassCastException: javax.crypto.spec.SecretKeySpec cannot be cast to java.security.PrivateKey

I saw that there was a feature request SOAP-1153 in 12-09-2013 (https://community.smartbear.com/t5/SoapUI-NG/JCEKS-keystores/td-p/37376)  but it seems it's not implemented, at least in the free one.

 

Any idea about it.

 

Best regards

  • AntonE's avatar
    AntonE
    SmartBear Alumni (Retired)
    8 years ago

    Hi makix13

     

    Your keystore file should have an extension ".jck".

    • Mountazar's avatar
      Mountazar
      Occasional Visitor
      8 years ago

      Hello,

      I had the same issue. When I changed the keystore extension to .jck I could add successfully the keystore containing the secret key.

      In the outgoing/signature dialog I could select the secret key and choose the hmac-sha1 algorithm. However when I tried executing a request, I've encountered the below exception:

       

      ERROR:org.apache.ws.security.WSSecurityException: General security error (No certificates for user secretkey1 were found for signature)

       

      Kindly advise??

       

      Regards