WSEC5043E Error in IBM Process Server - Websphere

This is a discussion on WSEC5043E Error in IBM Process Server - Websphere ; Hello, We are using X509 certificate to give signature to our web service. The service works fine when invoked from IBM WID client, with X509 keystores.. When the same service is invoked from SOAP UI client: we get this exception: ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: WSEC5043E Error in IBM Process Server

  1. WSEC5043E Error in IBM Process Server

    Hello,
    We are using X509 certificate to give signature to our web service. The service works fine when invoked from IBM WID client, with X509 keystores..

    When the same service is invoked from SOAP UI client: we get this exception:


    soapenv:Server.securityException
    com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required.



    Has anybody encountered this / any ideas on how to correct this. The WAS support documentation does not say much. Its a JAX RPC error.

    Thanks

  2. Re: WSEC5043E Error in IBM Process Server

    I was just struggeling with the same problem. I had used "X509 Certificate" as "Key identifier type", but when compared with RAD and the WS-security wizard, I used "X509 certificate token v3" there. So in SoapUI I switched to using "Binary Security Token", and then got the error message *"WSEC5720E: A required message part \[body] is not signed"* in return. So, in the request window, I right-clicked the body part of the message and picked *"Apply outgoing WSS"* and my testout making SoapUI create a digital signature.

    I then got the error message *"WSEC5502E: Unexpected element as the target element: wsse:BinarySecurityToken."* I found this description at the WAS 6.0 Info.Center [WAS 6.0 Info.Center|http://publib.boulder.ibm.com/infoce...bleshoot.html] (search for WSEC5502E). The reason seems to be that my WebService expect a 509 v3 token, which my Binary Security Token is not.

    So, maybe "X509 certificate token v3" is impossible using SoapUI? I guess not, but maybe not so straightforward...

    R.

+ Reply to Thread