当前位置: 文江博客话题详情

wss4j: - 找不到别名的密钥:monit

发布于 2024-08-07 20:02:00 字数 5702 浏览 3 评论 0原文

当我在 client-config.wsdd 中为 WSDoAllSender 和 WSDoAllReceiver 定义(使用 axis 1.4 和 wss4j)不同的签名PropFiles 时,我使用不同的证书定义了不同的密钥存储,我能够使用不同的证书来发送和接收。但是当我使用相同的签名PropFiles'和相同的密钥库时。当我尝试发送消息时收到此消息:

  org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit}
- Error during Signature: ; nested exception is:
        org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is:
        org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60)
        at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202)
        at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
        at org.apache.axis.client.Call.invoke(Call.java:2767)
        at org.apache.axis.client.Call.invoke(Call.java:2443)
        at org.apache.axis.client.Call.invoke(Call.java:2366)
        at org.apache.axis.client.Call.invoke(Call.java:1812)
        at cz.xxx.opf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213)
        at cz.xxx.opf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18)
        at cz.xxx.opf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23)
        at cz.xxx.opf.wsgemonitor.Main.main(Main.java:75)
Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721)
        at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780)
        at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
        ... 15 more
Caused by: java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214)
        at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713)
        ... 17 more

How to have twocertificates for wss4j in the same keystore?当我在一个密钥库中有两个证书时,为什么它无法在那里找到我的证书。

我对有关 PWCallback (CallbackHandler) 的两个证书具有相同的密码

我的属性文件:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin 
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keystore
org.apache.ws.security.crypto.merlin.keystore.alias=monit
org.apache.ws.security.crypto.merlin.alias.password=***
org.apache.ws.security.crypto.merlin.file=key.jks

我的 client-config.wsdd:

  <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
 <globalConfiguration>  
  <requestFlow>
   <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="user" value="monit"/>
        <parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
        <parameter name="action" value="Signature"/>
        <parameter name="signaturePropFile" value="monit.properties"/>
        <parameter name="signatureKeyIdentifier" value="DirectReference" />
        <parameter name="mustUnderstand" value="0"/>
   </handler>
     <handler type="java:org.apache.axis.handlers.JWSHandler">
        <parameter name="scope" value="session"/>
     </handler>
     <handler type="java:org.apache.axis.handlers.JWSHandler">
        <parameter name="scope" value="request"/>
        <parameter name="extension" value=".jwr"/>
     </handler>
   </requestFlow>
   <responseFlow>  
        <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver">
            <parameter name="user" value="other"/>  
            <parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
            <parameter name="action" value="Signature"/>
            <parameter name="signaturePropFile" value="other.properties"/>
            <parameter name="signatureKeyIdentifier" value="DirectReference" />  
        </handler>  
   </responseFlow>

 </globalConfiguration>

 <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender">  

 </transport>
</deployment>

来自 keytool 的列表: keytool -keystore monit-key.jks -v -list

Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: other
Creation date: Jul 22, 2009
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
....

Alias name: monit
Creation date: Oct 19, 2009
Entry type: trustedCertEntry
原文

When I define (using axis 1.4 an wss4j) in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles' with the same keystore. I get this message when I try to send a message:

  org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit}
- Error during Signature: ; nested exception is:
        org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is:
        org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60)
        at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202)
        at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
        at org.apache.axis.client.Call.invoke(Call.java:2767)
        at org.apache.axis.client.Call.invoke(Call.java:2443)
        at org.apache.axis.client.Call.invoke(Call.java:2366)
        at org.apache.axis.client.Call.invoke(Call.java:1812)
        at cz.xxx.opf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213)
        at cz.xxx.opf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18)
        at cz.xxx.opf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23)
        at cz.xxx.opf.wsgemonitor.Main.main(Main.java:75)
Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is:
        java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721)
        at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780)
        at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
        ... 15 more
Caused by: java.lang.Exception: Cannot find key for alias: [monit]
        at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214)
        at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713)
        ... 17 more

How to have two certificates for wss4j in the same keystore? why it cannot find my certificate there when i have two certificates in one keystore.

I have the same password for both certificates regarding PWCallback (CallbackHandler)

My properties file:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin 
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keystore
org.apache.ws.security.crypto.merlin.keystore.alias=monit
org.apache.ws.security.crypto.merlin.alias.password=***
org.apache.ws.security.crypto.merlin.file=key.jks

My client-config.wsdd:

  <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
 <globalConfiguration>  
  <requestFlow>
   <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="user" value="monit"/>
        <parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
        <parameter name="action" value="Signature"/>
        <parameter name="signaturePropFile" value="monit.properties"/>
        <parameter name="signatureKeyIdentifier" value="DirectReference" />
        <parameter name="mustUnderstand" value="0"/>
   </handler>
     <handler type="java:org.apache.axis.handlers.JWSHandler">
        <parameter name="scope" value="session"/>
     </handler>
     <handler type="java:org.apache.axis.handlers.JWSHandler">
        <parameter name="scope" value="request"/>
        <parameter name="extension" value=".jwr"/>
     </handler>
   </requestFlow>
   <responseFlow>  
        <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver">
            <parameter name="user" value="other"/>  
            <parameter name="passwordCallbackClass" value="cz.xxx.opf.common.ws.PWCallback"/>
            <parameter name="action" value="Signature"/>
            <parameter name="signaturePropFile" value="other.properties"/>
            <parameter name="signatureKeyIdentifier" value="DirectReference" />  
        </handler>  
   </responseFlow>

 </globalConfiguration>

 <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender">  

 </transport>
</deployment>

Listing from keytool:
keytool -keystore monit-key.jks -v -list

Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 2 entries

Alias name: other
Creation date: Jul 22, 2009
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
....

Alias name: monit
Creation date: Oct 19, 2009
Entry type: trustedCertEntry

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

执妄 2024-08-14 20:02:00

我几个月前就解决了这个问题,如果有人需要的话。问题是我的密钥库中没有私钥。

I solved that months ago and if any one need it. problem was that I didn't have private key in keystore.

回复 原文
舞袖。长 2024-08-14 20:02:00

我使用的是 Sun 的 jdk,当我将其更改为 IBM JDK 时出现问题,然后问题就消失了

I was using Sun's jdk which was giving a problem when I changed it to IBM JDK then problem went away

回复 原文
~没有更多了~

关于作者

花期渐远

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

1CH1MKgiKxn9p

文章 0 评论 0

ゞ记忆︶ㄣ

文章 0 评论 0

JackDx

文章 0 评论 0

信远

文章 0 评论 0

yaoduoduo1995

文章 0 评论 0

霞映澄塘

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文