Hi,
My requirement is to implement the X509 on business service to sign and encrypt the message. I am following the steps mentioned in below document to use KSS default store. But i get sign or decryption invalid error everytime i test. The requirement is to sign and encrypt the message and decrypt the response as well.
https://docs.oracle.com/middleware/1212/owsm/OWSMS/configure-owsm-messageprotection.htm#BABCIJEE
Configuring owsm to use kss
Majorly from this document , below steps are done to configure:
-
created owsm stripe in keystore and imported partner certificate as trusted certificate type and a CA signed certificate
-
WSM domain configuration: mentioned the keystore path referring to the owsm stripe
-
created oracle.wsm.security map in csf in credentials , adding sign key and enc key
-
In business service added the policy oracle/wss11_x509_token_with_message_protection_client_policy mentioned below and referred to alias for sign key csf and enc key csf( partner cert alias) and recipient ( same partner cert alias) and csf.map name in override properties.
-
I have shared the certificate with the partner and they have added it as well.
Please let me know more about the error signature or decryption is invalid and if above steps are fine or need any modification. Also , i need to trace this in detail but i am not able to do so.