8 Replies Latest reply on Dec 4, 2012 11:19 AM by Anuj Dwivedi--Oracle

    B2B-51924:  Message failed the security check - Message signing failure


      Hoping there may be some assitance out there to suggest some other ways of problem solving this issue.


      - B2B (lets call it HOST1)
      - One trading partner (lets call them TP1) that use Websphere Partner Gateway as their B2B.
      - all ebXML messages are signed and sent over HTTPS in a ASYNC pattern.
      - no acknowledgement signing.
      - Configured in line with http://anuj-dwivedi.blogspot.co.nz/2011/04/implementing-message-security-in-oracle.html


      - OUTBOUND messages from HOST1 --> TP1 with an acknolledgement back to HOST1 work correctly.
      - INBOUND messages from TP1 --> HOST1 fail with a _"B2B-51924: Message failed the security check"_ error

      This points to the certificates of TP1 not being loaded into the keystore correctly, but this has been validated and public cert and intermediate certs are all loaded correctly.

      Steps I have done:

      - I have an SR open with Oracle currectly.
      - I have set up an additional Internal Oracle B2B environment as a second trading partner (say TP2) and confirmed that INBOUND and OUTBOUND work correctly. i.e. oracle to oracle, with signing of the messages with different self-signed certficates for HOST1 and TP2.
      - I have up'ed the log level using -Dweblogic.StdoutDebugEnabled=true, -Dssl.debug=true, -Dweblogic.security.SSL.verbose=true, -Djavax.net.debug=all to see if there are any pointers to why it is failing. No obvious pointers.
      - Validated that exactly the same wire message is being seen leaving TP1 as we see on the B2B HOST1, as this message goes via FW's/content switch and an XML firewall. These are the same.

      So ultimately there seems to be an issue between Websphere Partner Gateway (WPG) and Oracle B2B with message siging that I can't get to the bottom of.


      - Does anyone know of any systems (WPG to Oracle B2B) with message signing that exist currently?
      - Are they any other debug/test type senarios that you could suggest that I could try to either 1) get additional information out of the system to point to the issue, or 2) fix it? ;-)

      Any pointers would be much appreciated.