Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-1076

WSS0221: Unable to locate matching certificate for Key Encryption using Callback Handler.

    Details

    • Type: Support
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.0.0.RELEASE
    • Fix Version/s: None
    • Component/s: Security
    • Environment:
      window 10

      Description

      HI

       I get this error when I am trying to encrypt SOAP request:

      2019-10-17 09:38:28.631 ERROR 16380 --- [nio-8080-exec-1] j.e.resource.xml.webservices.security    : WSS0221: Unable to locate matching certificate for Key Encryption using Callback Handler.2019-10-17 09:38:28.631 ERROR 16380 --- [nio-8080-exec-1] j.e.resource.xml.webservices.security    : WSS0221: Unable to locate matching certificate for Key Encryption using Callback Handler.2019-10-17 09:38:28.637 ERROR 16380 --- [nio-8080-exec-1] com.sun.xml.wss.logging.impl.filter      : WSS1413: Error extracting certificate 
      com.sun.xml.wss.XWSSecurityException: Unable to locate certificate for the alias '' at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.getCertificate(DefaultSecurityEnvironmentImpl.java:365) ~[xws-security-3.0.jar:3.0-FCS] at com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.java:156) ~[xws-security-3.0.jar:3.0-FCS]

      Sing request is working ok. Only issue is with encryption of request. As this is triggered by the same handler I am having issues finding out what is wrong.

       

      @Bean
      public XwsSecurityInterceptor securityInterceptor() {
          XwsSecurityInterceptor securityInterceptor = new XwsSecurityInterceptor();
          securityInterceptor.setPolicyConfiguration(new ClassPathResource("securityPolicy.xml"));
      
          try{
              securityInterceptor.setCallbackHandler(callback());
              securityInterceptor.afterPropertiesSet();
          }
              catch (Exception e)  {
                      System.out.println("display Expensionm: " + e);
          }
      
          return securityInterceptor;
      }
      
      @Bean
      public KeyStoreCallbackHandler callback() throws Exception{
          KeyStoreCallbackHandler callbackHandler = new KeyStoreCallbackHandler();
          callbackHandler.setPrivateKeyPassword("passwordo");
          callbackHandler.setDefaultAlias("mycert");
          callbackHandler.setKeyStore(keyStoreFactoryBean());
          callbackHandler.setTrustStore(TrustFactoryBean());
      
          return callbackHandler;
      }
      
      
      
      @Bean
      public KeyStore keyStoreFactoryBean(){
          KeyStoreFactoryBean keyStoreFactoryBean = new KeyStoreFactoryBean();
          keyStoreFactoryBean.setPassword("passwordo");
          keyStoreFactoryBean.setLocation(new FileSystemResource("C:\\Users\\miha_\\OneDrive\\Dokumenti\\Job\\Lj\\Spring\\Porting\\target\\classes\\softnet.jks"));
          try{
              keyStoreFactoryBean.afterPropertiesSet();
          }catch (Exception e){
              System.out.println("e: "+e );
          }
      
          return  keyStoreFactoryBean.getObject();
      }
      
      @Bean
      public KeyStore TrustFactoryBean(){
          KeyStoreFactoryBean trustFactory = new KeyStoreFactoryBean();
          trustFactory.setPassword("passwordo");
          //keyStoreFactoryBean.setType("JKS");
          System.out.println("1");
          trustFactory.setLocation(new FileSystemResource("C:\\Users\\miha_\\OneDrive\\Dokumenti\\Job\\Lj\\Spring\\Porting\\target\\classes\\trust.jks"));
          try{
              trustFactory.afterPropertiesSet();
          }catch (Exception e){
              System.out.println("e: "+e );
          }
      
          return  trustFactory.getObject();
      }
      
      @Bean
      public WebServiceTemplate template(){
          WebServiceTemplate template = new WebServiceTemplate();
          template.setMarshaller(marshaller());
          template.setUnmarshaller(marshaller());
          template.setMessageFactory(soapMessageFactory());
          template.setInterceptors(new ClientInterceptor[] {securityInterceptor()});
      
          return template;
      }
      
      @Bean
      public SaajSoapMessageFactory soapMessageFactory(){
          SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
          messageFactory.setSoapVersion(SoapVersion.SOAP_12);
          System.out.println("soapMessageFactory" +messageFactory );
      
          return messageFactory;
      }
      
      @Bean
      public Jaxb2Marshaller marshaller(){
          Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
          marshaller.setContextPath("mk.softnet.wsdl");
      
          return marshaller;
      }
      @Override
      public void addInterceptors(List interceptors) {
          interceptors.add(securityInterceptor());
      }
      

      securityPolicy.xml

       

      <xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
       <xwss:Sign includeTimestamp="false" />
       <xwss:Encrypt />
      </xwss:SecurityConfiguration>

      Basically i do not know how to set alias for encrypt as in doc there is the same config for keystore as for sign.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              miha- miha-
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Time Tracking

                Estimated:
                Original Estimate - 5d
                5d
                Remaining:
                Remaining Estimate - 5d
                5d
                Logged:
                Time Spent - Not Specified
                Not Specified