What is the cause of following error when the Client Authentication Identity for HTTPS,FTPS,HTTPSCA in Business Agreement has been enabled? “com.tibco.security.AXSecurityException: no signing key is available”
Article ID: KB0088468
Updated On:
| Products | Versions |
|---|---|
| TIBCO BusinessConnect | - |
| Not Applicable | - |
Description
Resolution:
Description:
============
If a private key is selected for the setting of Client Authentication Identity for HTTPS,FTPS,HTTPSCA in Business Agreement for a trading partner, TIBCO BusinessConnect™ will throw the error “com.tibco.security.AXSecurityException: no signing key is available” when sending an outbound message for this specific partner. However, if "none" is selected for the Client Authentication Identity setting, the message is sent out successfully without error.
Environment:
============
o TIBCO BusinessConnect™ 5.2.1
o TIBCO Runtime Agent™ 5.6.0
Resolution:
===========
Make sure that the private key selected for the Client Authentication Identity setting either (a) has no key usage specified or (b) it either has the digital signature or nonrepudiation usage bits set in the key usage. These properties are necessary for the Client Authentication Identity.
There are two recommendations.
1. Keep the Client Authentication Identity of the Business Agreement as none, if the HTTPSCA transport is not needed.
2. Regenerate the key by adding the key usages of digitalSignature and nonRepudiation, if the HTTPSCA transport is needed.
Keywords/Tags
= = = = = = = = =
Description:
============
If a private key is selected for the setting of Client Authentication Identity for HTTPS,FTPS,HTTPSCA in Business Agreement for a trading partner, TIBCO BusinessConnect™ will throw the error “com.tibco.security.AXSecurityException: no signing key is available” when sending an outbound message for this specific partner. However, if "none" is selected for the Client Authentication Identity setting, the message is sent out successfully without error.
Environment:
============
o TIBCO BusinessConnect™ 5.2.1
o TIBCO Runtime Agent™ 5.6.0
Resolution:
===========
Make sure that the private key selected for the Client Authentication Identity setting either (a) has no key usage specified or (b) it either has the digital signature or nonrepudiation usage bits set in the key usage. These properties are necessary for the Client Authentication Identity.
There are two recommendations.
1. Keep the Client Authentication Identity of the Business Agreement as none, if the HTTPSCA transport is not needed.
2. Regenerate the key by adding the key usages of digitalSignature and nonRepudiation, if the HTTPSCA transport is needed.
Keywords/Tags
= = = = = = = = =
Issue/Introduction
What is the cause of following error when the Client Authentication Identity for HTTPS,FTPS,HTTPSCA in Business Agreement has been enabled?
“com.tibco.security.AXSecurityException: no signing key is available”
Feedback
Yes
No
Powered by
