Error: Signing algorithm not matched with key algorithm

[svenamaysim]

We are creating our keys for message signing with

keytool -genkeypair -keyalg RSA -sigalg SHA256withRSA

The CPA contains

<tp:SignatureAlgorithm>SHA256withRSA</tp:SignatureAlgorithm>

This leads to an error:

Message: Signing algorithm not matched with key algorithm, actual key algorithum:RSA expect algorithum: SHA256withRSA

Due to the PKISignatureImpl.java which is called by OutboxTask.java

[aaronwalker]

@svenamaysim Can you provide some details of what version you are using 2.x or 3.x what are the values in the partnership table for the signing algorithm?

On the login screen jentrata has a version number can you also provide that. Mostly interested in the git sha value.

[svenamaysim]

Hi @aaronwalker - We have the version (3.x-SNAPSHOT - buildNu)

[svenamaysim]

DB Contents from CPA upload:
partnership.ds_algorithm = 'SHA256withRSA'
partnership.md_algorithm = 'SHA-2'

[aaronwalker]

@svenamaysim how did you generate the signing keystore that is being used by jentrata?

here is the default location of the signing keystore

https://github.com/jentrata/jentrata-msh/blob/master/Plugins/CorvusEbMS/src/main/resources/hk.hku.cecid.ebms/conf/hk/hku/cecid/ebms/spa/conf/ebms.module.xml#L42

[gkatanacio]

hi @aaronwalker, it was generated using the command below:

openssl pkcs12 -name XXX-SIG -export -in XXX-SIG.cer -inkey XXX-SIG-privkey.pem -out XXX-SIG.p12

cc @svenamaysim