I have a web service and I have a client who is trying to connect with our web service. He is getting some errors when trying to connect with our web service. My client asked me, "What key do you see in the certificate that I sent you?" How would I find that out? How would I find the key that is in the certificate? [ December 03, 2008: Message edited by: Fred Victa ]
Jimmy Clark
Ranch Hand
Joined: Apr 16, 2008
Posts: 2187
posted
0
How is the client application trying to use the web service? What kind of certificate is being sent?
Fred Victa
Ranch Hand
Joined: May 01, 2008
Posts: 53
posted
0
The client is trying to access my web service with a x509 security certificate. My web service uses asymmetric cryptography.
Jimmy Clark
Ranch Hand
Joined: Apr 16, 2008
Posts: 2187
posted
0
What is encrypted? What is being sent to the web service?
Are you using HTTPS:? Have you properly setup the cert in your webserver (apache, tomcat, whatever?)
Nitin Pathak
Ranch Hand
Joined: Sep 25, 2006
Posts: 68
posted
0
Since the client is Asserting to your service URI, he must have provided you with a public key handle; where he must be signing the payload communicated to your URI with the private key, on a secured layer - the private (and public) key handle(s) for a J2EE application are stored in .keystore.
If you have the public key handle to your certificate, which you are using for validation (digital signature per se), you can utilize the keytool utility available with your current JDK bundle.
This would reveal the fingerprints of your certificate including the issuer, issued to, validity and so on. [ December 16, 2008: Message edited by: Nitin Pathak ]
0
