Question
Morgan Stanley
IN
Last activity: 26 Apr 2022 3:04 EDT
JWT processing error: Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry
Though the keyid and thumbprint in the token match those of the JWK, for some reason the validation (pxProcessJWT) is failing with the error below.
( internal.jwt.JWTProcessorImpl) DEBUG - inside processGeneratedJsonWebToken
( internal.jwt.JWTProcessorImpl) DEBUG - Setting JWSVerifierFactory with PegaConfigurableJWSVerifierFactory instance
( internal.jwt.JWTProcessorImpl) DEBUG - Parsing generated JWT - <ACTUAL TOKEN>
( internal.jwt.JWTProcessorImpl) DEBUG - jwt is signed JWT. So validating signature
(ernal.jwt.JWTSignatureVerifier) DEBUG - JWT is Signed
(ernal.jwt.JWTSignatureVerifier) DEBUG - Validating signature for signed JWT
(ernal.jwt.JWTSignatureVerifier) DEBUG - Validating signature using secret key
(ernal.jwt.JWTSignatureVerifier) DEBUG - signature bean is not null
(ernal.jwt.JWTSignatureVerifier) DEBUG - inside method to get JWSKeyselector
(ernal.jwt.JWTSignatureVerifier) DEBUG - Trying to get JwkURI from header
(ernal.jwt.JWTSignatureVerifier) DEBUG - public key is null
(ritycore.jwt.KeystoreEntryData) ERROR - Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry
(ta_Admin_Security_Token.Action) ERROR - Unable to process the Json Web Token
com.pega.pegarules.pub.PRRuntimeException: The thumbprint match failed against trust store
    at com.pega.platform.securitycore.internal.jwt.JWTSignatureVerifier.getJWSKeySelectorFromPubKey(JWTSignatureVerifier.java:250) ~[security-core.jar:?]
    at com.pega.platform.securitycore.internal.jwt.JWTSignatureVerifier.getJWSKeySelector(JWTSignatureVerifier.java:217) ~[security-core.jar:?]
    at com.pega.platform.securitycore.internal.jwt.JWTSignatureVerifier.validateSignature(JWTSignatureVerifier.java:194) ~[security-core.jar:?]
    at com.pega.platform.securitycore.internal.jwt.JWTProcessorImpl.processGeneratedJsonWebToken(JWTProcessorImpl.java:174) ~[security-core.jar:?]
    at com.pega.pegarules.integration.engine.internal.security.jwt.JWTUtilsImpl.processJSONWebToken(JWTUtilsImpl.java:245) ~[printegrint.jar:?]
    at com.pegarules.generated.activity.sh_action_pxprocessjwt_2cb41f4eb15784dd017f0940ed75124f.step3_circum0(sh_action_pxprocessjwt_2cb41f4eb15784dd017f0940ed75124f.java:393) ~[?:?]
    at com.pegarules.generated.activity.sh_action_pxprocessjwt_2cb41f4eb15784dd017f0940ed75124f.perform(sh_action_pxprocessjwt_2cb41f4eb15784dd017f0940ed75124f.java:115) ~[?:?]
    at com.pega.pegarules.session.internal.mgmt.Executable.doActivity(Executable.java:2850) ~[prprivate-session.jar:?]
    .......
Caused by: java.io.IOException: Certificate does not exist, Keystore Entry is not either PrivateKeyEntry or TrustedCertificateEntry
    at com.pega.platform.securitycore.internal.jwt.JWTSignatureVerifier.getCertificateUsingThumbprint(JWTSignatureVerifier.java:322) ~[security-core.jar:?]
    at com.pega.platform.securitycore.internal.jwt.JWTSignatureVerifier.getJWSKeySelectorFromPubKey(JWTSignatureVerifier.java:245) ~[security-core.jar:?]
    ... 72 more