cancel
Showing results for 
Search instead for 
Did you mean: 

X.509 Cert Failing Triple AAA

Occasional Contributor

Re: X.509 Cert Failing Triple AAA

Sent to your e-mail
Occasional Contributor

Re: X.509 Cert Failing Triple AAA

Additional information from IBM datapower support for support that SOAPUI uses for the token type

(IBM Writes)
Thank you for the additional information.
I am still working on the recreate.  However, I would like to confirm that DataPower does support X509PKIPathv1 token. However if we can reproduce that, I can forward it to engineering team to evaluate for possibly bug.
I will contact you again within 2 days with some update or any additional question.
Occasional Contributor

Re: X.509 Cert Failing Triple AAA

Has there been a resolution to this??
Super Contributor

Re: X.509 Cert Failing Triple AAA

Hi Mark,

sorry for the silence, I'm working on this and will let you know when I have more info.. Monday presumably!

regards,

/Ole
eviware.com
Occasional Contributor

Re: X.509 Cert Failing Triple AAA

Thanks.. I apperciate the help.. I'll look for something Monday.. HAGW..
Super Contributor

Re: X.509 Cert Failing Triple AAA

Hi Mark,

ok, I've dug into this a little; it seems that you get the correct V3 ValueType if you t select the "Use Single Certificate" option only; if you don't select it  the wss4j uses the V1 ValueType since there may be other certificates in the certificate chain that are of this type. I'm not sure if this is correct behavior and I could fix this by checking all certificates, but on the other hand which valuetype should it be if there are both V1 and V3 certificates in the chain? The type of the "last" certificate?

Before I dig in more and try to work around this I wanted to check if you could use the "Use Single Certificate" option as I have to get the V3 ValueType!?

I'll send you screen-shots of my settings via mail!

regards,

/Ole
eviware.com
Occasional Contributor

Re: X.509 Cert Failing Triple AAA

Per your e-mail we tried the "Use Single Cert" and SOAPUI submits 2 transactions. 1 fails AAA and the other gets passed it.  Also, I'm getting a 500 return code to SOAPUI due to the second sumbit.

Not sure why it's submitting more than one request for this option.. Can you take a look at it.  Thanks.  If we got it to only submit one request it'd probably work.
Super Contributor

Re: X.509 Cert Failing Triple AAA

Hi,

ok.. at least we're getting somewhere.. I have no idea why you are getting 2 submits.. can you try the latest build available from http://www.eviware.com/nightly-builds/2008-10-13/?

regards,

/Ole
eviware.com