Recently I have been looking for a example or for a tutorial that would describe the secured communication between two Web Service technologies; WFC(server) and WSIT(client). So far I have tried to establish a .X509 secured communication, first by creating certificate with MS-tools, registering it to IIS, importing the cert with a keytool, and finally binding it to WSIT-client via Netbeans WS-configuration tool. So far my attempts to establish the communication have been a failure:
SEVERE: WSS1906: Invalid key provided for encryption/decryption.
java.security.InvalidKeyException: Illegal key size or default parameters
Exception in thread "DataHandler.getInputStream" com.sun.xml.wss.impl.XWSSecurityRuntimeException: Unable to calculate cipher value as invalid key was provided
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
Altrough Im not explaining the very details of the problem, I would appreciate if you would any resources, suggestions, how to progress in establishing the interoperability if we are establishing WFC(server) and WSIT(client) type of communication in a secured way.
Web Services Performance, Interoperability And Testing Blog
posted 10 years ago
So far I have taken a small step further by replacing Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in JRE.
At the moment .NET-WS returns message "javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message" by sending the SOAP-message above. I was comparing this message with a .NET-client message. Clearly there wasn't any major discrepancies in the structure so i'll keep on examining the implementation of the certificates.
An elephant? An actual elephant. Into the apartment. How is the floor still here. Hold this tiny ad: