I'm looking for some advice on the following problem. There are two systems that communicate through WSDL services, let's say SystemA and SystemB (Java 8, server wildfly-bootable, lib: org.apache.cxf, org.apache.wss4j). Both systems have a public and a private key for communication (SystemA has SystemB's public key to invoke SystemB's services, and vice versa).
When SystemA invokes a SystemB service everything works great, but when SystemB invokes SystemA's services it gives the following error in SystemA:
|Caused by: org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
|Original Exception was org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
|Original Exception was java.security.UnrecoverableKeyException: Cannot recover key
|    at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getPrivateKey(EncryptedKeyProcessor.java:270)
|    at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:226)
|    at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:90)
|    at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
|    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:319)
|    ... 41 more
|Caused by: org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
|Original Exception was java.security.UnrecoverableKeyException: Cannot recover key
Here is the thing: I have total access to SystemA's code, keys, etc., but I have no information at all about SystemB, just the hope that they installed SystemA's public key correctly.
I need to find a way to know if they are using the right public key. Is there a way to print in the log the public key alias that SystemB is using to invoke SystemA, or something like that? In case it is SystemB's fault, I need evidence.
It could also be something wrong in SystemA. Here is the definition in SystemA:
Private key of SystemA:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=testkey
org.apache.ws.security.crypto.merlin.keystore.alias=testkey
org.apache.ws.security.crypto.merlin.keystore.file=/opt/archivos/clave_priv/testkey.jks
Public key of SystemB:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=pass
org.apache.ws.security.crypto.merlin.keystore.alias=epagos
org.apache.ws.security.crypto.merlin.keystore.file=/opt/archivos/clave_pub/keystore.jks
What do you think is the best way to resolve this? (Again, there is no way to communicate with SystemB's provider unless I have evidence that they have something wrong.)
Thanks!
EDIT: The password of the private key is correct; I proved it by following one of the answers to this question: "Caused by: java.security.UnrecoverableKeyException: Cannot recover key"
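An added example, not part of the original post: a JDK-only check of SystemA's keystore that separates "alias is not a key entry" from "key password does not open the entry" and prints the certificate identifiers needed as evidence. The class name `KeystoreCheck` is hypothetical, the defaults are the values shown in the post, and the key password is assumed to be whatever SystemA's password callback returns for the alias.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added diagnostic sketch (Java 8, JDK only). Defaults are the values shown in the post;
// pass <file> <storePass> <alias> <keyPass> to override them.
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        String file = args.length > 0 ? args[0] : "/opt/archivos/clave_priv/testkey.jks";
        char[] storePass = (args.length > 1 ? args[1] : "testkey").toCharArray();
        String alias = args.length > 2 ? args[2] : "testkey";
        // Assumption: the key password is what SystemA's password callback returns for the alias.
        char[] keyPass = (args.length > 3 ? args[3] : "testkey").toCharArray();

        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, storePass); // throws here if the store password is wrong
        }
        for (String a : Collections.list(ks.aliases())) {
            System.out.println("alias=" + a + " keyEntry=" + ks.isKeyEntry(a));
        }
        if (!ks.isKeyEntry(alias)) {
            System.out.println("'" + alias + "' is not a private-key entry in " + file);
            return;
        }
        try {
            Key key = ks.getKey(alias, keyPass);
            System.out.println("private key recovered, algorithm=" + key.getAlgorithm());
        } catch (UnrecoverableKeyException e) {
            // Same root cause as in the trace: the entry exists but this password does not open it.
            System.out.println("cannot recover key: " + e.getMessage());
        }
        // Identify the certificate SystemB should be encrypting to.
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        System.out.println("subject=" + cert.getSubjectX500Principal().getName());
        System.out.println("issuer=" + cert.getIssuerX500Principal().getName());
        System.out.println("serial=" + cert.getSerialNumber());
        StringBuilder hex = new StringBuilder();
        for (byte b : MessageDigest.getInstance("SHA-1").digest(cert.getEncoded())) {
            hex.append(String.format("%02x", b));
        }
        System.out.println("sha1Thumbprint=" + hex);
    }
}
```

The printed issuer and serial (or SHA-1 thumbprint) can be compared with the key identifier inside the `EncryptedKey` element of a captured request from SystemB; a mismatch there is evidence that SystemB encrypted to a different certificate.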