当我在client-config.wsdl中定义(wss4j(的bulkpanquery不同的propartiesfiles时,我有不同的证书定义了不同的密钥存储。但是,当我使用相同的密钥库使用相同的SignaturePropfiles。当我尝试发送消息时,我会收到此消息:
Invocation failed with the following:
org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias:
[sha]
Original Exception was org.apache.wss4j.common.ext.WSSecurityException:
Cannot find key for alias: [sha]
javax.xml.ws.soap.SOAPFaultException: Cannot find key for alias: [sha]
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:160)
at com.sun.proxy.$Proxy35.uploadBulkPan(Unknown Source)
at bulkPanService.BulkPanService_Client.main(BulkPanService_Client.java:34)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key
for alias: [sha]
Original Exception was org.apache.wss4j.common.ext.WSSecurityException:
Cannot find key for alias: [sha]
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
... 2 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key
for alias: [sha]
at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:745)
我的两个证书都有相同的密码。
我的属性文件:
org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin
# Type - Valid Keystore Type. Eg - pkcs12 , jks
org.apache.ws.security.crypto.merlin.keystore.type=jks
# Keystore Password
org.apache.ws.security.crypto.merlin.keystore.password=12345678
# Keystore Private Password
org.apache.ws.security.crypto.merlin.keystore.private.password=12345678
# Keystore Alias
org.apache.ws.security.crypto.merlin.keystore.alias=sha
# Keystore File Name
org.apache.ws.security.crypto.merlin.keystore.file=keystore/client/data.jks
注意堆栈跟踪的最后一部分。
org.apache.wss4j.common.crypto.Merlin.getPrivateKey
很清楚地表明您在Java密钥库中所指的别名缺少私有键。您很可能是指的是没有私钥的证书。
您可以在GitHub上向我发送证书或指向您的代码的链接。