Xilai Dai created CXF-5250:
------------------------------
Summary: Too long the cer file name generated by XKMS service
Key: CXF-5250
URL: https://issues.apache.org/jira/browse/CXF-5250
Project: CXF
Issue Type: Bug
Components: Services
Affects Versions: 2.7.7
Reporter: Xilai Dai
When configue XKMS service using file as backend:
xkms.certificate.repo=file
xkms.file.storageDir=${karaf.home}/xkms/certificates
Start XKMS service in the container and send a register SOAP request to it:
{code}
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Body>
<RegisterRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; Id="123"
Service="http://cxf.apache.org/services/XKMS/";
xmlns="http://www.w3.org/2002/03/xkms#";>
<PrototypeKeyBinding Id="456">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIID5jCCA0+gAwIBAgIJAPahVdM2UPibMA0GCSqGSIb3DQEBBQUAMIGpMQswCQYD
VQQGEwJVUzERMA8GA1UECBMITWFyeWxhbmQxEjAQBgNVBAcTCUJhbHRpbW9yZTEp
MCcGA1UEChMgU2FtcGxlIFNUUyAtLSBOT1QgRk9SIFBST0RVQ1RJT04xFjAUBgNV
BAsTDUlUIERlcGFydG1lbnQxFDASBgNVBAMTC3d3dy5zdHMuY29tMRowGAYJKoZI
hvcNAQkBFgtzdHNAc3RzLmNvbTAeFw0xMTAyMDkxODM4MTNaFw0yMTAyMDYxODM4
MTNaMIGpMQswCQYDVQQGEwJVUzERMA8GA1UECBMITWFyeWxhbmQxEjAQBgNVBAcT
CUJhbHRpbW9yZTEpMCcGA1UEChMgU2FtcGxlIFNUUyAtLSBOT1QgRk9SIFBST0RV
Q1RJT04xFjAUBgNVBAsTDUlUIERlcGFydG1lbnQxFDASBgNVBAMTC3d3dy5zdHMu
Y29tMRowGAYJKoZIhvcNAQkBFgtzdHNAc3RzLmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAo+f8gs4WcteLdSPWPm8+ciyEz7zVmA7kcCGFQQvlO0smxRVi
WJ1x+yniT5Uu86UrAQjxRJyANBomQrirfE7KPrnCm6iVOsGDEntuIZAf7DFPnrv5
p++jAZQuR3vm4ZHXFOFTXmI+/FD5AqLfNi17xiTxZCDYyDdD39CNFTrB2PkCAwEA
AaOCARIwggEOMB0GA1UdDgQWBBRa0A38holQIbJMFW7m5ZSw+iVDHDCB3gYDVR0j
BIHWMIHTgBRa0A38holQIbJMFW7m5ZSw+iVDHKGBr6SBrDCBqTELMAkGA1UEBhMC
VVMxETAPBgNVBAgTCE1hcnlsYW5kMRIwEAYDVQQHEwlCYWx0aW1vcmUxKTAnBgNV
BAoTIFNhbXBsZSBTVFMgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYwFAYDVQQLEw1J
VCBEZXBhcnRtZW50MRQwEgYDVQQDEwt3d3cuc3RzLmNvbTEaMBgGCSqGSIb3DQEJ
ARYLc3RzQHN0cy5jb22CCQD2oVXTNlD4mzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4GBACp9yK1I9r++pyFT0yrcaV1m1Sub6urJH+GxQLBaTnTsaPLuzq2g
IsJHpwk5XggB+IDe69iKKeb74Vt8aOe5usIWVASgi9ckqCwdfTqYu6KG9BlezqHZ
dExnIG2v/cD/3NkKr7O/a7DjlbE6FZ4G1nrOfVJkjmeAa6txtYm1Dm/f
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<KeyUsage>http://www.w3.org/2002/03/xkms#Signature</KeyUsage>
<KeyUsage>http://www.w3.org/2002/03/xkms#Encryption</KeyUsage>
<KeyUsage>http://www.w3.org/2002/03/xkms#Exchange</KeyUsage>
<UseKeyWith Application="urn:ietf:rfc:2459"
Identifier="CN=www.sts.com, OU=IT Department,
L=Baltimore, ST=Maryland, C=US" />
</PrototypeKeyBinding>
</RegisterRequest>
</soapenv:Body>
</soapenv:Envelope>
{code}
then, a long-name cer file (about 231 characters) will be generated (on Win7)
which really can't operate it later.
CN-www.sts.com_OU-IT
Department_L-Baltimore_ST-Maryland_C-US-17771579970218424475-1.2.840.113549.1.9.1-#160b737473407374732e636f6d_CN-www.sts.com_OU-IT
Department_O-Sample STS -- NOT FOR PRODUCTION_L-Baltimore_ST-Maryland_C-US.cer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
