1
我有一個可用的soap連接,但我的證書正在結束。所以我只想更改證書。 爲我的肥皂連接我使用我使用openssl生成的密鑰庫。WSSecurityException:無法驗證或授權安全令牌
與我的舊密鑰庫,它工作正常。但與我的新我得到這stacktrace:
Caused by: org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized
at org.apache.ws.security.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:86)
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:187)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:270)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:835)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1612)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1503)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1310)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:50)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:223)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:628)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
所以我想我的密鑰庫一代有問題。 雖然我可以發送信息,但接收錯誤。 這是代碼,並在最後一行我得到上述豁免。
AanleverServiceV12_Service service = new AanleverServiceV12_Service();
log.trace("aanleverService created");
AanleverServiceV12 aanleverServicePort = service.getAanleverServicePortV12();
log.trace("aanleverServicePort created");
AanleverRequest aanleverRequest = createAanleverRequest(belastingFormulier);
log.trace("AanleverRequest: {}", aanleverRequest);
AanleverResponse response = aanleverServicePort.aanleveren(aanleverRequest);
這是我的配置文件:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
org.apache.ws.security.crypto.merlin.keystore.password=****
org.apache.ws.security.crypto.merlin.keystore.file=keystore.p12
org.apache.ws.security.crypto.merlin.keystore.alias={csr_request_finished}
任何幫助將受到歡迎!
我試圖重新創建工作的密鑰庫,但我得到了同樣的錯誤。所以我想這個錯誤是在做密鑰庫。
我這樣做:
openssl pkcs12 -export -out keystore.p12 -inkey server.key -in cert.pem -name "{csr_request_finished}"
我這一代更新,這一點,但有相同的錯誤(我拆我自己的證書和支撐證書:
openssl pkcs12 -export -out kdeb5.p12 -inkey key.pem -in cert.pem -name "{csr_request_finished}" -certfile certRest.pem
還需要配置用於存儲該信息的任何XML(頭)或DB。如果你已經創建了任何 – logger
謝謝。我試着再次生成舊的密鑰庫,並得到相同的錯誤。所以不知何故,我不會生成密鑰庫的權利。 – tibi