XwsSecurityInterceptor - No default X509Certificate was provided
XwsSecurityInterceptor - No default X509Certificate was provided
I have been following some of the info in this forum and reading the spring-ws reference documentation for setting up certificate based signing in my webservice client and running into some issues, hopefully someone can help.
The error I get is ERROR - AbstractWsSecurityInterceptor.handleSecurementExce ption(241) | Could not secure response: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: No default X509Certificate was provided;.
I have setup a basic KeyStoreFactoryBean and KeyStoreCallbackHandler in what I think is the correct manner trying to load a .jks file via the classpath. I am sure that there is something dumb I am messing up somewhere, but maybe a new set of eyes would help. Any help would be greatly appreciated. I am going to post the relevant config information below.
SPRING CONFIG
<bean id="wsSecurityInterceptor"
class="org.springframework.ws.soap.security.xwss.X wsSecurityInterceptor">
<property name="policyConfiguration" value="classpath:securityPolicy.xml"/>
<property name="callbackHandlers">
<list>
<ref bean="keyStoreHandler"/>
</list>
</property>
</bean>
<bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.c allback.KeyStoreCallbackHandler">
<property name="keyStore" ref="keyStore"/>
<property name="trustStore" ref="trustStore"/>
<property name="defaultAlias" value="mykey"></property>
</bean>
<bean id="keyStore" class="org.springframework.ws.soap.security.suppor t.KeyStoreFactoryBean">
<property name="password" value="abcd1234"/>
<property name="location" value="classpath:rodid.jks"/>
</bean>
<bean id="trustStore" class="org.springframework.ws.soap.security.suppor t.KeyStoreFactoryBean">
<property name="password" value="abcd1234"/>
<property name="location" value="classpath:rodid.jks"/>
</bean>
SECURITY POLICY
<xwss:SecurityConfiguration xmlns:xwss=.....>
<xwss:Sign includeTimestamp="false" />
</xwss:SecurityConfiguration>
I know that the cert itself is ok because it works fine if I remove the spring config and instead supply the following VM arguments:
-Djavax.net.ssl.trustStore=c:/PATH/rodid.jks
-Djavax.net.ssl.trustStorePassword=abcd1234
-Djavax.net.ssl.keyStore=c:/PATH/certs/rodid.jks
-Djavax.net.ssl.keyStorePassword=abcd1234
