Skip to Main Content
Forums

Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

The X.509 certificate is not signed. error

MocxJul 25 2011 — edited Jul 27 2011
Hi Guys

I have vm environment with soa 11g and sopaUI to generate request to my webservices. There is no OSB configured. I have protected my web service with oracle/wss10_x509_token_with_message_protection_service_policy_custom without any encryption on both the request and response. I have configure the keystore and imported all the necessary certificates all self signed. Created the credential mappings as required etc. But everytime i run the service request i get a token cannot be authenticated.
I have tested a scenario where i protected my web service with oracle/wss10_message_protection_service_policy_custom and it works fine which means to some extend my keystore configuration is ok to a certain level.

In the wls console i have made my keystore to be trusted and as a source of identity. Please see error log below. Please help with this.

[2011-07-23T13:51:51.119-04:00] [AdminServer] [NOTIFICATION] [] [oracle.wsm.agent.WSMAgent] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] WSMAgent is initialized for category=management, function=agent.function.service, topologyNodePath=/oim11g_domain/AdminServer/soainfra/default/Project1/1.0/soa_611ec1b5-0221-4be0-825c-f1a110b9e827/SERVICEs/bpelprocesssecure_client/PORTs/BPELProcessSecure_pt/INTERCEPTORs/, isJ2EE=true
[2011-07-23T13:51:51.138-04:00] [AdminServer] [NOTIFICATION] [] [oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] Recipient Alias property not configured in the policy. Defaulting to encrypting with signers certificate.
[2011-07-23T13:51:51.139-04:00] [AdminServer] [NOTIFICATION] [] [oracle.wsm.security.jps.WsmKeyStore] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] Successfully loaded keystore [ path:/odrive/oracle/oim11g_MWH/user_projects/domains/oim11g_domain/config/fmwconfig/servicestore.jks, type:JKS, sign-alias:myservicekey, crypt-alias:myservicekey, recipientAlias:null, recipientCert:null]
[2011-07-23T13:51:51.192-04:00] [AdminServer] *[ERROR] [WSM-00081]* [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] The X.509 certificate is not signed.
[2011-07-23T13:51:51.196-04:00] [AdminServer] *[ERROR] [WSM-00006]* [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] [arg: oracle.wsm.security.SecurityException: WSM-00081 : The X.509 certificate is not signed.] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00081 : The X.509 certificate is not signed..
[2011-07-23T13:51:51.210-04:00] [AdminServer] *[ERROR] [WSM-07607]* [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] [arg: {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss10-mutual-auth-with-certificates] [arg: oracle.wsm.security.policy.scenario.executor.Wss10MutualAuthWithCertsScenarioExecutor] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss10-mutual-auth-with-certificates executor class oracle.wsm.security.policy.scenario.executor.Wss10MutualAuthWithCertsScenarioExecutor.
[2011-07-23T13:51:51.211-04:00] [AdminServer] [ERROR] *[WSM-07602]* [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] Failure in WS-Policy Execution due to exception.
[2011-07-23T13:51:51.217-04:00] [AdminServer] [ERROR] *[WSM-07501]* [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [WEBSERVICE_PORT.name: BPELProcessSecure_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [WEBSERVICE.name: bpelprocesssecure_client] [J2EE_APP.name: soa-infra] [arg: security] [arg: agent.function.service] [arg: soa-infra] [arg: Project1] [arg: bpelprocesssecure_client] [arg: oracle/wss10_x509_token_with_message_protection_service_policy_custom] [arg: 1] [arg: {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss10-mutual-auth-with-certificates] Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=soa-infra, composite=Project1, modelObj=bpelprocesssecure_client, policy=oracle/wss10_x509_token_with_message_protection_service_policy_custom, policyVersion=1, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss10-mutual-auth-with-certificates.
[2011-07-23T13:51:51.411-04:00] [AdminServer] [ERROR] *[OWS-04115]* [oracle.webservices.service] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J5O7yTBFw000jzwkno1EAkYq00002f,0] [APP: soa-infra] [dcid: 11d1def534ea1be0:-4a7353ab:131581aa08a:-7ffd-0000000000000042] [arg: FabricProvider] [arg: oracle.fabric.common.PolicyEnforcementException: FailedAuthentication : The security token cannot be authenticated.] An error occurred for port: FabricProvider: oracle.fabric.common.PolicyEnforcementException: FailedAuthentication : The security token cannot be authenticated..

Thanks
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Aug 24 2011
Added on Jul 25 2011
#soa-process-management, #soa-suite-discusssions
2 comments
1,383 views