"SigningKey cannot be null" when using keystore file in the sample apps
mitusingh27 Mar 1, 2013 2:27 AM
I installed and set up PicketLink for working with SAML. I was successfully able to use the sample applications with their default configurations. I want to use the sales-post-sig as the SP and my own IDP. For doing this, I created a new keystore file using this command:
keytool -genkey -alias myAlias -keyalg RSA -keystore keystore.jks
I set keystore password to "password"
I set Key password to "secret"
I added my IDP's cert file to the keystore using this command:
keytool -import -trustcacerts -alias certAlias -file idp.cert -keystore keystore.jks
The cert gets added. I checked this using:
keytool -list -v -keystore keystore.jks
I put this keystore.jks in the java/resources folder.
I modified the picketlink.xml file with the following information:
<Auth Key="KeyStoreURL" Value="/keystore.jks" />
<Auth Key="KeyStorePass" Value="password" />
<Auth Key="SigningKeyPass" Value="secret" />
<Auth Key="SigningKeyAlias" Value="certAlias" />
<ValidatingAlias Key="localhost" Value="certAlias" />
<ValidatingAlias Key="127.0.0.1" Value="certAlias" />
I build sales-post-sig.war and deploy it on JBoss. It deploys correctly. When I try to access it using http://localhost:8080/sales-post-sig, I get the following error:
Caused by: javax.xml.crypto.dsig.XMLSignatureException: PLFED000100: Signing Process Failure
at org.picketlink.identity.federation.PicketLinkLoggerImpl.signatureError(PicketLinkLoggerImpl.java:99) [picketlink-jbas7-2.1.5.Final.jar:2.1.5.Final]
... 18 more
Caused by: java.lang.NullPointerException: signingKey cannot be null
at javax.xml.crypto.dsig.dom.DOMSignContext.<init>(DOMSignContext.java:96) [xmlsec-1.5.1.jar:1.5.1]
at org.picketlink.identity.federation.core.util.XMLSignatureUtil.sign(XMLSignatureUtil.java:345) [picketlink-core-2.1.5.Final.jar:2.1.5.Final]
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.sign(SAML2Signature.java:190) [picketlink-core-2.1.5.Final.jar:2.1.5.Final]
at org.picketlink.identity.federation.api.saml.v2.sig.SAML2Signature.signSAMLDocument(SAML2Signature.java:259) [picketlink-core-2.1.5.Final.jar:2.1.5.Final]
Is there anything wrong with the keystore or cert file? Am I missing any step to set the sample sp with my IDP? What is signingkeyValue and where can I set it?
Thanks in advance!
-Mitu
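
Added example (not part of the original post and not PicketLink code): a minimal reader for the JKS container that reports, per alias, the same entry type that `keytool -list -v` prints, so a configured SigningKeyAlias can be checked before deployment. The sample bytes are constructed with placeholder key and certificate blobs to mirror the post's keystore (a generated key pair under myAlias, an imported certificate under certAlias); a trustedCertEntry holds only a certificate, so only a PrivateKeyEntry alias can supply a signing key.

```python
import io
import struct

MAGIC, PRIVATE_KEY, TRUSTED_CERT = 0xFEEDFEED, 1, 2  # JKS header magic and entry tags

def _field(buf, fmt):
    """Read a length-prefixed field: ">H" for Java UTF strings, ">I" for blobs."""
    (n,) = struct.unpack(fmt, buf.read(struct.calcsize(fmt)))
    return buf.read(n)

def _skip_cert(buf, version):
    if version == 2:
        _field(buf, ">H")  # certificate type string, e.g. "X.509"
    _field(buf, ">I")      # encoded certificate

def jks_entry_types(data):
    """Map each alias to its entry type. The trailing integrity hash is not checked."""
    buf = io.BytesIO(data)
    magic, version, count = struct.unpack(">III", buf.read(12))
    if magic != MAGIC or version not in (1, 2):
        raise ValueError("not a JKS keystore")
    entries = {}
    for _ in range(count):
        (tag,) = struct.unpack(">I", buf.read(4))
        alias = _field(buf, ">H").decode("utf-8")
        buf.read(8)  # creation timestamp
        if tag == PRIVATE_KEY:
            _field(buf, ">I")  # password-protected private key
            (chain_len,) = struct.unpack(">I", buf.read(4))
            for _ in range(chain_len):
                _skip_cert(buf, version)
            entries[alias] = "PrivateKeyEntry"
        elif tag == TRUSTED_CERT:
            _skip_cert(buf, version)
            entries[alias] = "trustedCertEntry"
        else:
            raise ValueError("unknown entry tag %d" % tag)
    return entries

def can_sign(entries, alias):
    """True only if the alias names an entry that holds a private key."""
    return entries.get(alias.lower()) == "PrivateKeyEntry"  # JKS lower-cases aliases

# Constructed sample (placeholder key and certificate bytes) with the post's two entries.
_CERT = struct.pack(">H5sI4s", 5, b"X.509", 4, b"CERT")
SAMPLE = (struct.pack(">III", MAGIC, 2, 2)
          + struct.pack(">IH7s8xI3sI", PRIVATE_KEY, 7, b"myalias", 3, b"KEY", 1) + _CERT
          + struct.pack(">IH9s8x", TRUSTED_CERT, 9, b"certalias") + _CERT + bytes(20))
```

To check a real file, pass its bytes: `jks_entry_types(open("keystore.jks", "rb").read())`.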