Web Services › Invoke SOAP Method Async Operator › Input Parameters › WS Security › Troubleshooting WS Security › Encryption Errors
Encryption Errors
When encrypting the SOAP request, problems can occur when:
- The keystore path does not exist on the computer that contains the touchpoint.
- The keystore path is missing.
- You attempt to encrypt a non-existent part of the SOAP request. The reason field contains a message:
Element to encrypt/sign not found…
- You attempt to use symmetric encryption algorithm aes192-cbc or aes256-cbc without upgrading to the unlimited strength jurisdiction policy jars. The reason field contains a message:
Illegal key size or default parameters.
- The public key alias does not exist in the keystore. The reason field contains a message:
No certificates for user x were found for encryption…
Where x is the public key alias provided.
- You provide a bad encryption algorithm. The reason field contains a message:
SOAP invocation failed: Unable to encrypt the SOAP message.null.
The WSS4J library throws a null pointer error in this case.
- You provide a bad symmetric key encryption algorithm. The reason field contains a message:
unsupported key transport encryption algorithm: x
Where x is the symmetric key encryption algorithm provided.
- You provide a bad public key identifier type. The reason field contains a message:
Unsupported key identification…
Note: If you are encrypting a part of the SOAP request, then signing it, be sure to encrypt it as content. This action ensures its wsu:id (or name and namespace) remains in the SOAP request after encryption and before signing. Otherwise, that part is not found when attempting to sign it.
Copyright © 2014 CA.
All rights reserved.
|
|