ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Web Service Security + Algorithm

Post new topic  Reply to topic
 Web Service Security + Algorithm « View previous topic :: View next topic » 
Author Message
sandeep.nandanwar
PostPosted: Mon Jan 25, 2016 1:35 am    Post subject: Web Service Security + Algorithm Reply with quote

Novice

Joined: 21 Jan 2015
Posts: 13
Hi,

I am implementing Message Signing using certificates in WMB. I have managed to apply signatures to the messages being sent from SOAP Request node. However the response from the Web Service is "The signature or decryption was invalid; nested exception is org.apache.ws.security.WSSecurityException: The signature or decryption was invalid"

However when I test it using SOAP UI, it works fine.

Can Someone help me what algorithm to choose in Policy Sets or how is the Signature calculated using the certificates.

The algorithm used in certificate is RSA1-SHA......Which algorith do we have to select from the Policy Sets...

Help is appreciated....
Back to top
View user's profile Send private message
Vitor
PostPosted: Mon Jan 25, 2016 5:19 am    Post subject: Re: Web Service Security + Algorithm Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
sandeep.nandanwar wrote:
I am implementing Message Signing using certificates in WMB.


What version?

sandeep.nandanwar wrote:
I have managed to apply signatures to the messages being sent from SOAP Request node.


How do you know? Specifically, what procedure have you followed to ensure that a valid signature has been applied to the message?

sandeep.nandanwar wrote:
However the response from the Web Service is "The signature or decryption was invalid; nested exception is org.apache.ws.security.WSSecurityException: The signature or decryption was invalid"


What hosts this web service? What are they expecting?

sandeep.nandanwar wrote:
Can Someone help me what algorithm to choose in Policy Sets or how is the Signature calculated using the certificates.

The algorithm used in certificate is RSA1-SHA......Which algorith do we have to select from the Policy Sets...


See above; will the calling service accept that certificate? Do they want something stronger?

sandeep.nandanwar wrote:
However when I test it using SOAP UI, it works fine.


You should be aware that SoapUI is using an entirely different PKI to the one WMB is using. So there could be any number of differences between the 2 that could be causing problems. Possible problem areas include (but are not limited to):

- WMB using a certificate signed with too weak a cipher where Windows is not
- WMB using a certificate signed by a CA the called web service doesn't trust where it trusts the Windows one
- WMB not actually sending a signature due to a policy set configuration error
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » Web Service Security + Algorithm
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.