OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
RE: [ebxml-dev] Self signed certificate rejected
Albert,
 
Look at the installation instructions here - and the commands for the certificate creation.
http://era.nih.gov/electronicreceipt/files/S2S_client_install_guide.pdf 
 
Pages 8 - 10
 
We have this working with Hermes - so you should be able to as well...
 
The PDF inside the ZIP file here is actual newer - just realized the old one is on the standalone link.
 
http://era.nih.gov/electronicreceipt/files/S2SClientInstall.zip
 
Thanks, DW

"The way to be is to do" - Confucius (551-472 B.C.)


-------- Original Message --------
Subject: [ebxml-dev] Self signed certificate rejected
From: "Kappe, Albert" <albert.kappe@capgemini.com>
Date: Fri, December 29, 2006 4:15 am
To: "ebxml-dev" <ebxml-dev@lists.ebxml.org>

Hello,
 
I run into problems using a self signed certificate from a partner.
I have imported the p7b public key in the DigitalSignature/TrustedAnchor/KeyStore.
 
This is the logging in msh.log:
2006-12-29 09:54:45,822 DEBUG [http-8090-Processor20]: receive incoming message
2006-12-29 09:54:45,842 DEBUG [http-8090-Processor20]: finished retrieving raw message from HTTP connection
2006-12-29 09:54:45,842 INFO  [http-8090-Processor20]: Process incoming message
2006-12-29 09:54:45,842 DEBUG [http-8090-Processor20]: => MessageServer.getMessageFromDataSource
2006-12-29 09:54:45,872 DEBUG [http-8090-Processor20]: Persist message to R0000\message49907 on persistence handler
2006-12-29 09:54:45,882 DEBUG [http-8090-Processor20]: => MessageServer.getMessageFromDataSource
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: => MessageServiceHandler.onMessage
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: => MessageServiceHandler.dispatchMessage
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: => MessageServiceHandler.hasSignature
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: <= MessageServiceHandler.hasSignature
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: => MessageServiceHandler.verify
2006-12-29 09:54:45,912 DEBUG [http-8090-Processor20]: verify the XML signature
2006-12-29 09:54:45,922 DEBUG [http-8090-Processor20]: setEnvelope, using algorithm: null
2006-12-29 09:54:45,922 DEBUG [http-8090-Processor20]: start verifying
2006-12-29 09:54:45,933 DEBUG [http-8090-Processor20]: got the signature element
2006-12-29 09:54:45,973 DEBUG [http-8090-Processor20]: created signature object
2006-12-29 09:54:45,973 DEBUG [http-8090-Processor20]: created document resolver
2006-12-29 09:54:45,973 WARN  [http-8090-Processor20]: Self signed certificate rejected.
2006-12-29 09:54:45,973 ERROR [http-8090-Processor20]: Error on verifying signature : hk.hku.cecid.phoenix.message.handler.MessageServiceHandlerException: Self signed certificate rejected.
 
What do I need to more to trust self signed certificate from a partner?
 
Regards, Albert
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]