[jboss-user] [JBoss Web Services] - Problems using WS-Security encryption...

mauro.brasil do-not-reply at jboss.com
Mon Feb 28 15:01:55 EST 2011

mauro.brasil [http://community.jboss.org/people/mauro.brasil] created the discussion

"Problems using WS-Security encryption..."

To view the discussion, visit: http://community.jboss.org/message/590162#590162

Hello there!

We have an application environment here working with JBossWS and WS-Security enabled on server side and Axis2c (with rampartc for security) on client side.
For start, we developed all the solution using just UserNameToken security and all was fine.

We decided to enable wsse encryption in order to improve communication security and, since then, I'm stucked on the same problem.

The server throwns an exception on the moment it receives the first message, like below:

Caused by: java.security.cert.CertificateParsingException: signed overrun, bytes = 67
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(Unknown Source)
    at java.security.KeyStore.load(Unknown Source)
    at org.jboss.ws.extensions.security.SecurityStore.loadStore(SecurityStore.java:158)

After two days of constant searching trying/validating almost everything I've found about this issue, I decided to post a message here so someone can maybe give me just a hint to were to start digging.

I followed the chapter 9 of "JBoss In Action" to create the keystores/truststores/certificates and to configure my environment ("jboss-wsse-server.xml", because other files were already defined to WS-Security) without any success. 
I've found sugestions about missing parameters on keytool usage, orientation regarding some sort of update of java encryption (adding JCE and BouncyCastle provider implementation), but nothing seems to work or make sense.

If someone have any idea of solution I'll be very thankfull.

Best regards,

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110228/3a016173/attachment.html 

More information about the jboss-user mailing list