[ebxmlms-develop] Cannot get certificates path

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm using the (modified) Loopback application to reliably send a message to
myself with an acknowledgement requested:

            message.addAckRequested(true);
            mshReq.sendReliably(message, false);

However, I keep getting the following error in msh.log:

2003-03-18 15:33:57,165 ERROR [Thread-20]:
java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad
response: (409HTTP POST submitted to MessageServiceHandler failed:
MessageServiceHandlerException: hk.hku.cecid.phoenix.pki.SignException:
Cannot get certificates path - chmeeeHermesCrt

where chmeeeHermesCrt is the alias of my certificate.

The message seems to originate from ApacheXMLDSigner.java:

            certificates = ks.getCertificateChain(alias);
            if (certificates == null) {
                throw new SignException("Cannot get certificates path - " 
                    + alias);

and the description of getCertificateChain() says:

the certificate chain (ordered with the user's certificate first and the
root certificate authority last), or null if the given alias does not exist
or does not contain a certificate chain (i.e., the given alias identifies
either a trusted certificate entry or a key entry without a certificate
chain).

My keystore contains my certificate and the certificate of the CA, but I
can't figure out why getCertificateChain is returning null, so presumably my
understanding of certificate chains is weak.

Can someone please provide some openssl and/or keytool examples to
demonstrate what I'm missing?

Thanks.

PJDM
-- 
Peter Mayne
Technology Consultant
Spherion Technology Solutions
Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602
T: 61 2 62689727  F: 61 2 62689777
The information contained in this email and any attachments to it:

(a) may be confidential and if you are not the intended recipient, any interference with, 
use, disclosure or copying of this material is unauthorised and prohibited; and

(b) may contain personal information of the recipient and/or the sender as defined 
under the Privacy Act 1988 (Cth). Consent is hereby given by the recipient(s) to 
collect, hold and use such information and any personal information contained in a 
response to this email, for any reasonable purpose in the ordinary course of 
Spherion's 
business, including forwarding this email internally or disclosing it to a third party. All 
personal information collected by Spherion will be handled in accordance with 
Spherion's Privacy Policy. If you have received this email in error, please notify the 
sender and delete it.

(c) you agree not to employ or arrange employment for any candidate(s) supplied in 
this email and any attachments without first entering into a contractual agreement with 
Spherion. You further agree not to divulge any information contained in this document 
to any person(s) or entities without the express permission of Spherion.