Failed Core Validation
843811Jul 24 2007 — edited May 26 2008How to diagnose why XMLSignature.validate is returning "failed core validation"?
JWSDP 2.0 demos GenDetached and Validate work fine. Modified both to function properly with "file:" input rather than "http:", thus inserted calls to SetBaseURI for the JDK bug work around. Modified versions work fine also [with file: input].
Then moved both pieces of code into my application. Unlike GenDetached.java, which simply generates an internal KeyPair, I create a keystore using keytool -genkeypair. Modified the GenDetached code to read the keystore, extract the cert and thus the public key, and separately the private key. Signed with the private key. Transformed a JAXB object and inserted it into an XML file my application creates. Output looks good. But the code imported from Validate.java indicates "failed core validation", though the one and only reference validation status is "true", i.e., successful.
If I run Validate.java on the XML generated by my app, not GenDetached.java, it too indicates "failed core validation". So something must be wrong with the signing process.
How does one go about diagnosing "failed core validation"? The whole process appears to be simple pass/fail, with no explanation or diagnostic available. Thanks.