This week's book giveaway is in the OCAJP 8 forum.
We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line!
See this thread for details.
The moose likes Web Services and the fly likes HMAC secret key in keystore Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "HMAC secret key in keystore" Watch "HMAC secret key in keystore" New topic

HMAC secret key in keystore

Jeroen Wolff

Joined: Jun 26, 2007
Posts: 4

I want to get HMAC working on websphere 6 for WS-Security.
In the websphere docs i read:

WebSphere Application Server Versions 6 and later support a secret key-based signature called HMAC-SHA1. If you use HMAC-SHA1, the SOAP message does not contain a binary security token. In this case, it is assumed that the key information within the message contains the key name that is used to specify the secret key within the keystore.

How can i put a secret key in a keystore? I know how to generate keys with keytool, but
for this one we (client en server) need the same secret stored in the do i do that?


Jeroen Wolff
I agree. Here's the link:
subject: HMAC secret key in keystore
It's not a secret anymore!