[ebxmlms-general] Verifying digital signatures

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

  I have Hermes 0.9.3.0 installed under the following environment:
  OS: Windows NT
  JDK: 1.4.1
  Servlet Container: Tomcat 4.0.3

I've written a small test application that just sends messages to itself =
via HTTP, I can currently send messages both reliably and unreliably. =
What I am having problems with is sending ("unreliably" sending that is) =
digitally signed messages, for some unknown reason digitally signed =
messages always fail verification with the following error message: =
Received SOAPMessage cannot be verified! I've also tried sending signed =
messages using JDK131 and I get the same result.

The private key that I'm using to sign messages has 1 root certificate =
and 1 intermediate certificate in its chain. The digital signature =
keystore that I'm using that contains the private key also contains both =
the root and intermediate certificates. The trust anchor keystore that I =
am using contains both the root and intermediate certificates mentioned =
above. The private key is a standard 1024 bit RSA key.

I have installed xalan.jar in the jre/lib/endorsed directory and I've =
also copied the jaxm-api.jar and saaj-api.jar files into Tomcat's =
common/lib directory as per the installation guide. I've also replaced =
the Tomcat's common/lib/xerces.jar file with xercesImpl.jar copied from =
Hermes and I've removed libraries from the Hermes msh.war file that =
currently appear in either Tomcat's common/lib directory or the JDK's =
jre/lib/endorsed directory.=20

I know that I must be missing something or I must have misconfigured =
something but I don't know what, any ideas?=20

Regards,

David McVeigh
Paradigm.One - making IT happen, today
(02) 9954 6528
he...@pa...