Layer7 API Management

Expand all | Collapse all

WS-Security with Certs

  • 1.  WS-Security with Certs

    Posted 05-16-2019 04:17 PM

    I am trying to utilize the "Require ws-security signature credentials" assertion to obtain a cert from a ws-security header in a request.  I am currently getting the following error:

    • 2019-05-16T10:59:16.922-0400 WARNING 586 com.l7tech.security.xml.processor.WssProcessorImpl: Signature not valid. SignatureValue mismatched.
    • Element #id-17: Digest value mismatch: calculated:  <encrypted value is displayed here>

     

    Does anybody have some ideas to resolve or do I need to include some additional assertions?

     

    Thanks!



  • 2.  Re: WS-Security with Certs

    Posted 05-21-2019 01:04 PM

    Good afternoon,

     

    This error means that the message has been modified since it was signed so the Gateway is unable to validate the signature of the message. If you just need the certificate then you could XPath out the certificate element but it would not provide you with a security layer.

     

    Sincerely,

     

    Stephen Hughes

    Broadcom Support