Skip to main content

WSS1927: Error occured while decrypting EncryptedKey when loading private key from certain JKS keystores

1 reply [Last post]
jollerbarn
Offline
Joined: 2009-05-24
Points: 0

Hi,

First off, my environment details:
Netbeans 6.9
Metro 2.01 on Glassfish 3.01
Java 1.6.0_21

My service is configured to used Issued Token Authentication and I'm not sure I want to bore you with how it's configured, because it works just fine :) Let me know if you need details.

I've been using a self-signed keystore up until now - and it works great. But after exchanging that with a Godaddy certificate I'm experiencing this error (full stacktrace attached)
com.sun.xml.wss.impl.WssSoapFaultException: WSS1927: Error occured while decrypting EncryptedKey.

I've googled it plenty I think and all come down to the usual thing:

1) Your service client is using the wrong public key to encrypt messages to the service

2) Your STS is using the wrong public key to encrypt your token

Any ideas what logging settings I need to turn on to see why it can't load my private key from the JKS? As far as I can see the JKS is valid and I'm positive about the jks password and the private key password (have loaded the jks in keystore explorer and validated it).

Any help?

Rgds.
Jesper Hvid

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
jollerbarn
Offline
Joined: 2009-05-24
Points: 0

Hi,

Just wanted to post in here that this is now resolved with the help of Kumar.

The issue was that my keystore was named differently than the default keystore that glassfish was pointing to. Renaming the keystore to "keystore.jks" og importing my key-pair into the default keystore both work as solutions. Also, glassfish can be reconfigured to point to the new keystore.

Thanks,
Jesper Hvid

From: Jesper Hvid [mailto:jh@globeteam.com]
Sent: 10. januar 2011 15:41
To: users@metro.java.net
Subject: WSS1927: Error occured while decrypting EncryptedKey when loading private key from certain JKS keystores

Hi,

First off, my environment details:
Netbeans 6.9
Metro 2.01 on Glassfish 3.01
Java 1.6.0_21

My service is configured to used Issued Token Authentication and I'm not sure I want to bore you with how it's configured, because it works just fine :) Let me know if you need details.

I've been using a self-signed keystore up until now - and it works great. But after exchanging that with a Godaddy certificate I'm experiencing this error (full stacktrace attached)
com.sun.xml.wss.impl.WssSoapFaultException: WSS1927: Error occured while decrypting EncryptedKey.

I've googled it plenty I think and all come down to the usual thing:

1) Your service client is using the wrong public key to encrypt messages to the service

2) Your STS is using the wrong public key to encrypt your token

Any ideas what logging settings I need to turn on to see why it can't load my private key from the JKS? As far as I can see the JKS is valid and I'm positive about the jks password and the private key password (have loaded the jks in keystore explorer and validated it).

Any help?

Rgds.
Jesper Hvid