From: Markus K. <ma...@pr...> - 2013-01-09 07:11:32
On 2013-01-08 18:59, Marcos Fontana wrote:
> Hi Markus,
>
> First, thanks for the support.
>
> I am still getting the WSDL problem.
>
> A question: the trustStore must contain which certificate? The server
> certificate or the certificate of who will sign the document?
The certificate of the issuer of the server certificate. That is the CA
that signed the server certificate.
The purpose of the trust store is to list all CA certificates your
client application will trust when verifying the server certificate sent
by the server when the connection is established.
>
> System.setProperty("javax.net.ssl.trustStore",
> "C:/Users/Marcos/Desktop/p12/mFontana.p12");
> System.setProperty("javax.net.ssl.trustStorePassword", "myPass");
>
> Another question: If I create a service that will sign/validate
> documents of different people, each one with their own certificate,
> must I create a worker for each one of them? Or can I do it by that
> example “Signing and Validating an XML document”. For these commands, in
> the case of a PDF, is there some way to do it like in the web demos
> page, including the logo and that other information, or, just having the
> worker configured, will that be included?
Each worker signs with one key-pair and uses one certificate so if you
want to use different key-pairs/certificates for different people then
you would need to have different workers for them.
The "Signing and Validating an XML document" example in the integration
chapter of the manual shows how a client application can request an XML
document to be signed and then validated.
Similarly to the code for signing an XML document you can also do this
for PDF documents. Just let the byte array 'unsigned' be the content of
the PDF document and replace DemoXMLSigner with the name of your
PDFSigner. If you configure the PDFSigner to use a logo that will also
be included just as if you called it from the demo web page.
Validation is currently not supported for PDF documents though.
Best regards,
Markus
>
> Regards
> ------------------------------------------------------------------------
> From: Markus Kilås
> Sent: 06/01/2013 11:27
> To: sig...@li...
> Subject: Re: [SignServer-develop] Worker's questions and Error WSDL
>
> On 2013-01-04 17:55, Marcos Fontana wrote:
>> Hi,
>>
>
> Hi Marcos,
>
>>
>>
>> When I’m setting properties by the command:
>>
>>
>>
>> bin/signserver.sh setproperties
>> doc/sample-configs/qs_pdfsigner_configuration.properties
>>
>>
>>
>> I got the console error: Error reading property file. Is there some
>> place that I can see this log?
>>
>
> You can get this error if the file does not exist or is in any other way
> not readable. Make sure that the file can be read by for instance
> running "less doc/sample-configs/qs_pdfsigner_configuration.properties".
> Unfortunately this is not logged anywhere in more detail than what is
> printed on the console.
>
>>
>>
>> The configurations are right. Another question, what is the difference
>> by worker and signer?
>
> A Worker is an entity in SignServer which has a Worker ID and a
> configuration and can be called to perform some work. A signer is a type
> of worker which uses a crypto token to sign something.
>
>>
>>
>>
>> The ID or Worker name, in the case of PDF, is the PDFSigner, configured
>> in this line: WORKERGENID1.NAME=PDFSigner?
>
> That property sets the worker name to "PDFSigner" for the new worker
> which is about to be added. The WORKERGENID1 means that a new worker
> with the next available ID will be created.
>
> If you instead want to define the worker ID you could replace
> WORKERGENID1 with for instance WORKER47 (or any other ID). This is
> recommended if you want to be able to apply (setproperties) the file
> again without having a new worker created.
>
>>
>>
>>
>> And another question, I’m getting this error when I try to instantiate
>> the object of WSDL in this line:
>>
>> ISigningAndValidation signserver =
>> new SigningAndValidationWS("localhost", 8442, true);
>>
>>
>>
>> javax.xml.ws.WebServiceException: Failed to access the WSDL at:
>> https://localhost:8442/signserver/signserverws/signserverws?wsdl. It
>> failed with:
>> java.security.NoSuchAlgorithmException: Error constructing
>> implementation (algorithm: Default, provider: SunJSSE, class:
>> com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl).
>>     at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(Unknown Source)
>>     at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(Unknown Source)
>>     at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(Unknown Source)
>>     at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source)
>>     at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(Unknown Source)
>>     at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(Unknown Source)
>>     at javax.xml.ws.Service.<init>(Unknown Source)
>>     at org.signserver.protocol.ws.gen.SignServerWSService.<init>(SignServerWSService.java:42)
>>     at org.signserver.client.api.SigningAndValidationWS.<init>(SigningAndValidationWS.java:120)
>>     at org.signserver.client.api.SigningAndValidationWS.<init>(SigningAndValidationWS.java:83)
>>     at certificate.model.ModelDocumento.assinarDocumento4(ModelDocumento.java:145)
>>     at certificate.principal.Principal.main(Principal.java:70)
>> Caused by: java.net.SocketException:
>> java.security.NoSuchAlgorithmException: Error constructing
>> implementation (algorithm: Default, provider: SunJSSE, class:
>> com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
>>     at javax.net.ssl.DefaultSSLSocketFactory.throwException(Unknown Source)
>>     at javax.net.ssl.DefaultSSLSocketFactory.createSocket(Unknown Source)
>>     at sun.net.www.protocol.https.HttpsClient.createSocket(Unknown Source)
>>     at sun.net.NetworkClient.doConnect(Unknown Source)
>>     at sun.net.www.http.HttpClient.openServer(Unknown Source)
>>     at sun.net.www.http.HttpClient.openServer(Unknown Source)
>>     at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
>>     at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
>>     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
>>     at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
>>     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
>>     at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
>>     at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
>>     at java.net.URL.openStream(Unknown Source)
>>     at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.createReader(Unknown Source)
>>     at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(Unknown Source)
>>     ... 11 more
>>
>
> Have you defined the javax.net.ssl.trustStore and
> javax.net.ssl.trustStorePassword system properties?
>
> See
> http://signserver.org/manual/integration.html#Signing%20and%20validating%20an%20XML%20document
> for an example.
>
>
> Best regards,
> Markus
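The reply above says the trust store must hold the CA certificate that issued the server certificate, not a signer's own key store. The following is an added example, not part of the original message or of SignServer: a small Java check that lists what a candidate trust store file actually contains. The class name `TrustStoreCheck` and its command-line arguments are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

/** Added example (hypothetical class): audit the file used as javax.net.ssl.trustStore. */
public class TrustStoreCheck {

    /** Returns the number of CA certificate entries found in the store. */
    static int countCaEntries(KeyStore store) throws Exception {
        int caCerts = 0;
        for (String alias : Collections.list(store.aliases())) {
            if (store.isKeyEntry(alias)) {
                // A key entry is an identity (private key + certificate), e.g. a
                // personal signing .p12, not a list of CAs to trust.
                System.out.println(alias + ": private key entry (identity, not a CA trust anchor)");
                continue;
            }
            Certificate cert = store.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) {
                continue;
            }
            X509Certificate x509 = (X509Certificate) cert;
            // getBasicConstraints() returns -1 when the certificate is not marked as a CA
            // (this includes old X.509 v1 roots, which carry no extensions).
            boolean isCa = x509.getBasicConstraints() >= 0;
            System.out.println(alias + ": " + x509.getSubjectX500Principal().getName()
                    + (isCa ? " [CA certificate]" : " [not a CA certificate]"));
            if (isCa) {
                caCerts++;
            }
        }
        return caCerts;
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 2 || System.console() == null) {
            System.err.println("usage (from a terminal): java TrustStoreCheck <file> <JKS|PKCS12>");
            System.exit(2);
        }
        char[] password = System.console().readPassword("Store password: ");
        KeyStore store = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            store.load(in, password); // throws IOException on wrong store type or password
        }
        int caCerts = countCaEntries(store);
        System.out.println(caCerts + " CA certificate entr" + (caCerts == 1 ? "y" : "ies"));
        System.exit(caCerts > 0 ? 0 : 1);
    }
}
```

An exit status of 1 means the file holds no CA certificate entries, so it does not match the description of a trust store given in the reply.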