search

phax / as2-lib

A generic Java AS2 library, servlet and server
107 stars 43 forks source link

AS2 server error when decrypting message "Certificate does not match part signature" #114

Closed ihudedi closed 4 years ago

ihudedi commented 4 years ago

Hi Philip, When decrypting message that sent from as2-lib client to our as2-server ( also as2-lib) we are getting the following error: Certificate does not match part signature This code is arrived from BCCryptoHelper::decrypt method ( line 439 in 4.5.5 version) if (aRecipient == null) throw new GeneralSecurityException ("Certificate does not match part signature"); Do you know what is the root cause for this issue and how to solve those meesages? Thanks, Itay

ihudedi commented 4 years ago

Hi Philip, Do you have an idea what is the issue here and how to solve this? Thanks, Itay

phax commented 4 years ago

I am not sure. There is a log message exactly before that "if": Error retrieving RecipientInformation - is that contained in your log file? Is it possible that the sending party uses and outdated certificate compared to what the receiver expects? Some kind of a certificate mismatch is the best I can come up with.

ihudedi commented 4 years ago

Hi Philip, Looks like mismatch of AS2 ID and alias Thanks a lot, Itay

asdfghjklzxcvbnmmmmmmmm commented 9 months ago

Hi ihudedi, I had the same problem,But my AS2 ID and alias Settings are the same When decrypting message that sent from as2-lib client to our as2-server ( also as2-lib) we are getting the following error: Certificate does not match part signature This code is arrived from BCCryptoHelper::decrypt method ( line 439 in 4.5.5 version) if (aRecipient == null) throw new GeneralSecurityException ("Certificate does not match part signature"); Do you know what is the root cause for this issue and how to solve those meesages? Thanks, Itay

phax commented 9 months ago

@asdfghjklzxcvbnmmmmmmmm Depending on the keystore format you are using (JKS or PKCS12) the alias name is case-sensitive or not. So please make sure the names are completely correct and have neither leading nor trailing whitespaces.

asdfghjklzxcvbnmmmmmmmm commented 9 months ago

I fixed the problem by rolling back the version from 4.10.0 to 4.71 ​

---- Replied Message ---- | From | Philip @.> | | Date | 11/30/2023 02:09 | | To | phax/as2-lib @.> | | Cc | asdfghjklzxcvbnmmmmmmmm @.>, Mention @.> | | Subject | Re: [phax/as2-lib] AS2 server error when decrypting message "Certificate does not match part signature" (#114) |

@asdfghjklzxcvbnmmmmmmmm Depending on the keystore format you are using (JKS or PKCS12) the alias name is case-sensitive or not. So please make sure the names are completely correct and have neither leading nor trailing whitespaces.

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: @.***>