CyberSource / cybersource-sdk-java

Java SDK for CyberSource Simple Order API

Error after updating client key file #152

Closed cgroner closed 3 years ago

cgroner commented 3 years ago

After attempting to update our expiring key with a new key (.p12 Simple Order key, generated from the Enterprise Business Center), we are seeing the following exception:

com.cybersource.ws.client.SignEncryptException: General security error (No certificates for user CyberSource_SJC_US were found for encryption)
    at com.cybersource.ws.client.SignedAndEncryptedMessageHandler.handleMessageCreation(SignedAndEncryptedMessageHandler.java:197)
    at com.cybersource.ws.client.Client.soapWrapAndSign(Client.java:215)
    at com.cybersource.ws.client.Client.runTransaction(Client.java:112)
    at com.cybersource.ws.client.Client.runTransaction(Client.java:68)
...
Caused by: org.apache.ws.security.WSSecurityException: General security error (No certificates for user CyberSource_SJC_US were found for encryption)
    at org.apache.ws.security.message.WSSecEncrypt.prepare(WSSecEncrypt.java:174)
    at org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:223)
    at com.cybersource.ws.client.SignedAndEncryptedMessageHandler.handleMessageCreation(SignedAndEncryptedMessageHandler.java:194)

This was running on the SDK 6.2.3, but I believe I was also able to reproduce the problem using only the nvp RunSample class provided in the 6.2.10 SDK, which generates the following back trace:

Exception in thread "main" java.lang.NullPointerException
    at com.cybersource.ws.client.SecurityUtil.handleMessageCreation(SecurityUtil.java:204)
    at com.cybersource.ws.client.Client.soapWrapAndSign(Client.java:240)
    at com.cybersource.ws.client.Client.runTransaction(Client.java:117)
    at com.cybersource.ws.client.Client.runTransaction(Client.java:67)
    at com.cybersource.sample.RunSample.runAuth(RunSample.java:150)
    at com.cybersource.sample.RunSample.main(RunSample.java:57)

Restoring our previous key resolves the issue. I have also tried regenerating the key, which all appear to be valid keys, without success.

cgroner commented 3 years ago

Transactions will complete successfully if useSignAndEncrypted=false, but this seems like more of a workaround than a fix.

cgroner commented 3 years ago

I also believe, as suggested in #151, that something appears to have changed in the keystore generation method.

When iterating over the entries of our previous (working) keystore here, it iterates over multiple entries including the named certificates reported missing.

When using the new keystore, only 1 entry (for the key) is found. Later, when an attempt is made to use the named certificate for signing, it's not found in the identities Map, resulting in the NullPointerError.

Inspecting both keystores using openssl shows they each contain multiple certificates, i.e.: openssl pkcs12 -info -in <keystore>.p12

Comparing our working and not-working certificates using this method, one difference I notice is the lack of 'friendlyName' properties in the certificate entries. Can you confirm whether or not this attribute is what's being used to name the 'Alias' entries in the keystore? Is it possible the missing friendlyName properties are causing it to not correctly iterate over the parsed keystore entries?
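
An added example, not part of the original thread and not the SDK's own code: a standalone Java check that lists the entries the JDK's PKCS12 keystore provider exposes by alias for a .p12 file, and verifies that the alias named in the exception above resolves to a certificate. The class name, the command-line arguments and the `P12_PASSWORD` environment variable are assumptions made for this example.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added diagnostic (hypothetical class name), not SDK code.
public class ListP12Aliases {

    // Prints every aliased entry; returns true when `alias` resolves to a certificate.
    static boolean report(KeyStore ks, String alias) throws Exception {
        for (String a : Collections.list(ks.aliases())) {
            String kind = ks.isKeyEntry(a) ? "key entry" : "certificate entry";
            Certificate[] chain = ks.getCertificateChain(a); // null for certificate-only entries
            Certificate c = ks.getCertificate(a);
            String subject = "(no X.509 certificate)";
            if (c instanceof X509Certificate) {
                X509Certificate x = (X509Certificate) c;
                subject = x.getSubjectX500Principal().getName() + ", notAfter=" + x.getNotAfter();
            }
            System.out.printf("%-28s %-18s chain=%d  %s%n",
                    a, kind, chain == null ? 0 : chain.length, subject);
        }
        return ks.getCertificate(alias) != null;
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 1) {
            System.err.println("usage: java ListP12Aliases <keystore.p12> [expectedAlias]");
            System.exit(2);
        }
        // Default alias is the one named in the exception message on this page.
        String expected = args.length > 1 ? args[1] : "CyberSource_SJC_US";
        // Prompt for the password so it does not appear in the process list;
        // P12_PASSWORD (assumed name) is the fallback when no console is attached.
        Console con = System.console();
        String env = System.getenv("P12_PASSWORD");
        char[] pw = con != null ? con.readPassword("Keystore password: ")
                                : (env == null ? new char[0] : env.toCharArray());
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pw);
        }
        System.out.println("aliased entries: " + ks.size());
        boolean ok = report(ks, expected);
        System.out.println((ok ? "OK: certificate found under alias " : "MISSING: no certificate under alias ") + expected);
        System.exit(ok ? 0 : 1);
    }
}
```

Running it against both the previous and the new .p12 gives a side-by-side view of the aliases each one exposes, which can be compared with the `openssl pkcs12 -info` output.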

mahendya1002 commented 3 years ago

Could you please generate the new key and see if it works?

cgroner commented 3 years ago

Generating a new key does appear to have resolved the issue.

Thank you.