[OUTGOING-SBDH-116] AS4 Error: PEPPOL:NOT_SERVICED #52
Replies: 2 comments
-
|
We have reviewed AS4 fault logs from your AP and the rejection occurs during WS-Security signature verification, specifically while validating signed AS4 attachments. The root error is: This indicates that the receiving AP was unable to resolve the signed attachment content during signature validation. The message is successfully delivered to your endpoint, but fails at the CXF/WSS4J security layer before business or document validation. Please note:
We recommend verifying:
Our own test result against Testbed (hint that we successfully received 'PINT-AE Billing/pint:billing-1@ae-1*' message using Oxalis-NG 1.2.0. Note that we are Not sending back MLS intentionally as part of test that's why it is still shown as in running state): 
|
Beta Was this translation helpful? Give feedback.
-
|
Changing to discussion as it is Not an issue |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Description
BD Submission
Transaction (with instance identifier 9b3ad57c-02ce-43c0-9eca-6c79169bf3db) to testing AP was rejected, with reason; SMP lookup was successful, but message transmission failed.
Error description: [OUTGOING-SBDH-116] Failed to send Peppol message via AS4: AS4_ERROR_MESSAGE_RECEIVED.
Error description value 1: [OUTGOING-SBDH-116] AS4 Error: PEPPOL:NOT_SERVICED
22:54:43.390 [https-jsse-nio-0.0.0.0-443-exec-9] INFO o.a.cxf.services.As4Provider.REQ_IN - REQ_IN
Address: https://revenu.pactsoft.online/oxalis/as4
HttpMethod: POST
Content-Type: multipart/related; boundary="----=_Part_232_1075067645.1768330480467"; type="application/soap+xml"
ExchangeId: 00c72a72-9a0d-4888-98e6-202158452aa7
ServiceName: As4ProviderService
PortName: As4ProviderPort
PortTypeName: As4Provider
Headers: {date=Tue, 13 Jan 2026 18:54:40 +0000 (UTC), mime-version=1.0, host=revenu.pactsoft.online, message-id=1686958714.233.1768330480467@ip-10-10-208-25.eu-west-1.compute.internal, connection=keep-alive, content-type=multipart/related; boundary="----=_Part_232_1075067645.1768330480467"; type="application/soap+xml", Content-Length=15801, accept-encoding=gzip, x-gzip, deflate, user-agent=phase4/4.1.1 https://github.com/phax/phase4}
22:54:43.392 [https-jsse-nio-0.0.0.0-443-exec-9] WARN o.a.cxf.phase.PhaseInterceptorChain - Interceptor for {http://inbound.as4.ng.oxalis.network/}As4ProviderService has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: A security error was encountered when verifying the message
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:245)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:382)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:213)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:125)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:78)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.transport.MultipleEndpointObserver.onMessage(MultipleEndpointObserver.java:98)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:233)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:207)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:159)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:224)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:303)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:216)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:278)
at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:293)
at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:283)
at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:184)
at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:89)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
at network.oxalis.ng.inbound.tracing.DefaultOpenTelemetryTracingFilter.doFilter(DefaultOpenTelemetryTracingFilter.java:25)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
at network.oxalis.ng.dist.war.WarGuiceFilter.doFilter(WarGuiceFilter.java:21)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:138)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:165)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:88)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:113)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:83)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:654)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:72)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1774)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:973)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:491)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:408)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:230)
at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:326)
... 43 common frames omitted
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:575)
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.validate(DOMReference.java:412)
at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:293)
at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:381)
... 46 common frames omitted
Caused by: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.attachmentRequestCallback(AttachmentContentSignatureTransform.java:136)
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.transform(AttachmentContentSignatureTransform.java:119)
at org.apache.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:170)
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:485)
... 49 common frames omitted
Caused by: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler.handle(AttachmentCallbackHandler.java:126)
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.attachmentRequestCallback(AttachmentContentSignatureTransform.java:134)
... 52 common frames omitted
22:54:43.581 [https-jsse-nio-0.0.0.0-443-exec-9] INFO o.a.c.b.s.i.Soap12FaultOutInterceptor - class org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternalapplication/soap+xml
22:54:43.608 [https-jsse-nio-0.0.0.0-443-exec-9] INFO n.o.ng.as4.inbound.As4FaultInHandler - handleFault for Exception
org.apache.cxf.binding.soap.SoapFault: A security error was encountered when verifying the message
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:245)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:382)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:213)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:125)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:78)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.transport.MultipleEndpointObserver.onMessage(MultipleEndpointObserver.java:98)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:233)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:207)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:159)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:224)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:303)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:216)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:278)
at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:293)
at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:283)
at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:184)
at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:89)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
at network.oxalis.ng.inbound.tracing.DefaultOpenTelemetryTracingFilter.doFilter(DefaultOpenTelemetryTracingFilter.java:25)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
at network.oxalis.ng.dist.war.WarGuiceFilter.doFilter(WarGuiceFilter.java:21)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:138)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:165)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:88)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:113)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:83)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:654)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:72)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:903)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1774)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:973)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:491)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:408)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:230)
at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:326)
... 43 common frames omitted
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:575)
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.validate(DOMReference.java:412)
at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:293)
at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:381)
... 46 common frames omitted
Caused by: javax.xml.crypto.dsig.TransformException: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.attachmentRequestCallback(AttachmentContentSignatureTransform.java:136)
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.transform(AttachmentContentSignatureTransform.java:119)
at org.apache.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:170)
at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:485)
... 49 common frames omitted
Caused by: javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback
at org.apache.cxf.ws.security.wss4j.AttachmentCallbackHandler.handle(AttachmentCallbackHandler.java:126)
at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.attachmentRequestCallback(AttachmentContentSignatureTransform.java:134)
... 52 common frames omitted
22:54:43.663 [https-jsse-nio-0.0.0.0-443-exec-9] INFO o.a.c.services.As4Provider.FAULT_OUT - FAULT_OUT
Content-Type: application/soap+xml
ResponseCode: 200
ExchangeId: 00c72a72-9a0d-4888-98e6-202158452aa7
ServiceName: As4ProviderService
PortName: As4ProviderPort
PortTypeName: As4Provider
Headers: {}
Payload: <env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">env:Header<eb:Messaging xmlns:eb="http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/" env:mustUnderstand="true"><eb:SignalMessage xmlns="" xmlns:ns3="http://www.unece.org/cefact/namespaces/StandardBusinessDocumentHeader" xmlns:ns4="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns6="http://www.w3.org/2000/09/xmldsig#" xmlns:ns7="http://docs.oasis-open.org/ebxml-bp/ebbp-signals-2.0">eb:MessageInfoeb:Timestamp2026-01-13T18:54:43.618Z</eb:Timestamp>eb:MessageIdc29363db-8992-47fa-b75e-0670fc04da0d@10.0.0.101</eb:MessageId>eb:RefToMessageIde33799f8-be2d-4f04-b570-bdc89aff49fc@phase4.openpeppol.testbed</eb:RefToMessageId></eb:MessageInfo><eb:Error category="Content" errorCode="EBMS:0004" origin="ebms" refToMessageInError="e33799f8-be2d-4f04-b570-bdc89aff49fc@phase4.openpeppol.testbed" severity="failure" shortDescription="Other">eb:ErrorDetailPEPPOL:NOT_SERVICED</eb:ErrorDetail></eb:Error></eb:SignalMessage></eb:Messaging></env:Header>env:Body/</env:Envelope>
Reproduce
PINT AE BILLING TEST SUITE (1.0.2)
PINT-AE Invoice reception through pint:billing-1@ae-1Failed
The testbed will generate an SBD containing a PINT-AE-compliant Invoice and send it to the Access Point that is under test. To successfully pass the test case, the under-test AP must process the received business document and reply with the appropriate MLS message. The transaction will be addressed to receiver 0235:000889 from 9922:OPTBCNTRLP1005. To properly receive the AS4 message that will be sent by the testbed AP, you must register your enrolled participant to your SMP, with the capability of receiving PINT-AE based Invoices through pint:billing-1@ae-1 (document Type ID: peppol-doctype-wildcard::urn:oasis:names:specification:ubl:schema:xsd:Invoice-2::Invoice##urn:peppol:pint:billing-1@ae-1*::2.1, Process ID: cenbii-procid-ubl::urn:peppol:bis:billing).
Expected behavior
No response
Oxalis-NG version
JDK version
Additional Info
No response
Beta Was this translation helpful? Give feedback.
All reactions