Oracle® Retail Service Backbone Oracle Retail Service Backbone Security Guide 14.1 E57334-01 |
|
Previous |
Next |
This chapter discusses common errors that can occur while implementing security and the corresponding resolution.
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"> <env:Body> <env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <faultcode>wsse:InvalidSecurity</faultcode> <faultstring>Error on verifying message against security policy Error code:1025</faultstring> </env:Fault> </env:Body> </env:Envelope>
If the following exception is seen in server logs, it is generally because the server is not able to access the keystore. Either the keystore is corrupt or the password provided in domain's Web service security configuration does not match with the actual password of the keystore.
java.lang.NullPointerException at weblogic.wsee.security.bst.ServerBSTCredentialProvider.getX509Credential(ServerBSTCredentialProvider.java:180)at weblogic.wsee.security.bst.ServerBSTCredentialProvider.initCredentialFromContext(ServerBSTCredentialProvider.java:161)at weblogic.wsee.security.bst.ServerBSTCredentialProvider.initCredentials(ServerBSTCredentialProvider.java:111)at weblogic.wsee.security.configuration.WssConfiguration.initDefaultConfiguration(WssConfiguration.java:416)at weblogic.wsee.security.configuration.WssConfiguration.init(WssConfiguration.java:134)at ....
-Dssl.debug=true -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.SSL.enforceConstraints=off -Dweblogic.StdoutDebugEnabled=true
/wlserver_10.3/server/lib/DemoIdentity.jks /wlserver_10.3/server/lib/DemoTrust.jks
. <domain-home>/bin/setDomainEnv.sh java utils.CertGen -certfile ServerCert -keyfile ServerKey -keyfilepass DemoIdentityPassPhrase -cn rsbhost.example.com
java utils.ImportPrivateKey -certfile ServerCert.der -keyfile ServerKey.der -keyfilepass DemoIdentityPassPhrase -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -alias DemoIdentity -keypass DemoIdentityPassPhrase
keytool -list -v -keystore DemoIdentity.jks keytool -delete -alias demoidentity -keystore DemoIdentity.jks keytool -import -noprompt -trustcacerts -alias <AliasName> -file <certificate> -keystore <KeystoreFile> -storepass <Password> keytool -exportcert -storetype JKS -alias <AliasName> -keystore <KeystoreFile> -storepass <Password> -rfc -file <Certificate File Name>