Support certificate password different from keystore ---------------------------------------------------- Key: JBWS-1594 URL: http://jira.jboss.com/jira/browse/JBWS-1594 Project: JBoss Web Services Issue Type: Bug Security Level: Public(Everyone can see) Components: ws-security Affects Versions: jbossws-2.0.0.Beta, jbossws-1.2.0, jbossws-1.2.0.SP1, jbossws-2.0.0.CR5 Reporter: Peter Johnson Assigned To: Thomas Diesler Priority: Critical Fix For: jbossws-2.0.0 Attachments: patch.txt If I generate a certificate and use a different password for it than what I used for the keystore, then I get a key not found error on the server when an ecnrypted SOAP message is sent. The problem appears to be in the SecurityStore.getPrivateKey method, this line: key = (PrivateKey)keyStore.getKey(alias, decryptPassword(keyStorePassword).toCharArray()); which assumes that the keystore password is also associated with the certificate. I also checked jboss-ws-security_1_0.xsd to see if there was a way to provide a password along with the alias in the tag, but there was none.