[jboss-user] [JBossWS] - WS-Security: keystores and truststores

zarzar do-not-reply at jboss.com
Thu Nov 9 18:46:02 EST 2006


I'm using WS-Security to sign and encrypt SOAP messages. I'm signing with the sender's private key and encrypting with the receiver's public key.

    <config>
      <sign type="x509v3" alias="client"/>
      <encrypt type="x509v3" alias="server"/>
    </config>

The problem is that JBoss doesn't look for the receiver's cert in the truststore, but in the keystore. My understanding of keystores and truststores is that keystores contain your own private and public keys, while truststores contain public certs of others you trust. So I'm wondering why I've got to put certs of others that I want to send to in my keystore.

Is there a way around this? Or does the keystore have to be a duplicate of the truststore plus your own private key?

Thanks for any help.




View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3984691#3984691
