I apologise for mixing notions but my knowledge of assymmetric web service security is shallow.
Right, I've got a java key store containing my private key and a customers public key.
When calling the customers web service I get an error message in return, saying:
"The signature or decryption is invalid".
We have found out that the public key I have in the key store and which is sent upon request, is different from the public key the customer has on its server. Somehow I have given the customer a different public key than the one I have in the key store.
What I would like to do is to regenerate the public key based on my private key in the key store, and send it to Mr Customer again. Is it possible to do so?
To be honest, this is exactly what I did by means of a keytool statement. Result, a file with .cer extension. Is the file with .cer the public key, or what?
Any advice is appreciated.
Solved it:
Above I said I tried to regenerate the public key from the key store, but I wasn't sure this was the right way to do it.
Anyhow, I provided Mr Customer with this newly generated public key and ask them to install it on their server. It worked, we've matching public keys. I used the following keytool command to regenerate the public key:
keytool -export -alias [name of private key in keystore] -file [path to output] -keystore [path to .jks keystore]