Recently I have been looking for a example or for a tutorial that would describe the secured communication between two Web Service technologies; WFC(server) and WSIT(client). So far I have tried to establish a .X509 secured communication, first by creating certificate with MS-tools, registering it to IIS, importing the cert with a keytool, and finally binding it to WSIT-client via Netbeans WS-configuration tool. So far my attempts to establish the communication have been a failure:
SEVERE: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
Altrough Im not explaining the very details of the problem, I would appreciate if you would any resources, suggestions, how to progress in establishing the interoperability if we are establishing WFC(server) and WSIT(client) type of communication in a secured way.
Web Services Performance, Interoperability And Testing Blog
Joined: Dec 28, 2009
So far I have taken a small step further by replacing Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in JRE.
At the moment .NET-WS returns message "javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message" by sending the SOAP-message above. I was comparing this message with a .NET-client message. Clearly there wasn't any major discrepancies in the structure so i'll keep on examining the implementation of the certificates.