Signing message in OSB

I am able to sign the entire message using Sign.xml as the policy.
I want to just sign the body and the timestamp of the message. How do I do that? I am not too familiar with policy files.
thanks

Well the sign policy does pretty much what you want to do. It signs the body, the timestamp, and the system headers.
If you want to change this just create a new policy based on the sign policy and add, modify or remove Targets. You can read about using the MessageParts element here:
http://download.oracle.com/docs/cd/E12840_01/wls/docs103/webserv_ref/sec_assert.html#wp1052460
<?xml version="1.0"?>
<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part"
>
<wssp:Integrity>
    <wssp:SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <wssp:CanonicalizationAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <wssp:Target>
      <wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
      <wssp:MessageParts Dialect="http://www.bea.com/wls90/security/policy/wsee#part">
        wls:SystemHeaders()
      </wssp:MessageParts>
    </wssp:Target>
    <wssp:Target>
      <wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
      <wssp:MessageParts Dialect="http://www.bea.com/wls90/security/policy/wsee#part">
        wls:SecurityHeader(wsu:Timestamp)
      </wssp:MessageParts>
    </wssp:Target>
    <wssp:Target>
      <wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
      <wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part">
      wsp:Body()
      </wssp:MessageParts>
    </wssp:Target>
</wssp:Integrity>
<wssp:MessageAge/>
</wsp:Policy>Cheers

Similar Messages

Signer messaging not working in Safari

I have customised my signer messaging for my widget which is appearing in Chrome and in Safari Mobile but not in Safari Desktop on Mac. I don't think it is a cache issue as I am clearing cache and other test changes I make are appearing. It is not showing updates to the signer message that were made the previous day.
This is only in Safari Desktop.
Is this a Bug Issue?

Hi Rob
Thanks for your reply,
I did open a support ticket yesterday and in the reply was told by Sudarshan Shridar at Echosign that he had tested the signer messaging in Safari on an iMac and he said it was OK.
I don't think he understood my problem which is that the signer message displays but it does not replicate the customisations I have made in Safari. Consequently I supplied him with 2 screen shots, one from Chrome where the Signer Message views correctly and one from Safari Where it does not view correctly.
This was 16.10pm yesterday and I have yet to receive a reply unfortunately.
Attached is the screen shots for you to see in case you have any suggestions.
Regards
Steve

Mail doesn't send certificate-signed message

Symptoms
When attempting to send a message in Mail that has been signed by a trusted certificate, a message appear that states:  "Unable to sign message You don’t have a trusted certificate in your keychain that matches the email address (sender’s email address). Without a certificate, you can’t sign messages sent from this address."
 The Compose window cannot be closed.
(same as describe for Lion in http://support.apple.com/kb/TS4222 )
Then, if you quit Mail and reopen it, the signed message reopen in its
compose window and can now be sent…

Symptoms
When attempting to send a message in Mail that has been signed by a trusted certificate, a message appear that states:  "Unable to sign message You don’t have a trusted certificate in your keychain that matches the email address (sender’s email address). Without a certificate, you can’t sign messages sent from this address."
 The Compose window cannot be closed.
(same as describe for Lion in http://support.apple.com/kb/TS4222 )
Then, if you quit Mail and reopen it, the signed message reopen in its
compose window and can now be sent…

Maximum Message size OSB can handle

Hi,
I am trying to find out the maximum message size OSB can handle without any problems.
I know this may be dependant on JVM settings etc,but what is a safe limit.Can the payload size be of 1 GB etc , say for a WSDL based proxy service.
Any formal documentation on the size of messages?
Thanks.

Hi ,
Please check the following links
https://kr.forums.oracle.com/forums/thread.jspa?threadID=2125210
https://kr.forums.oracle.com/forums/thread.jspa?threadID=2167494

Signed messages are missing from search results in a shared mailbox

We recently completed moving all user mailboxes to Exchange 2013 from Exchange 2010. We also have a policy that disables the 'download shared mailboxes' option in Outlook as it cause .ost files to get cumbersome and cause performance problems. This
means that shared mailboxes that users have open are all in 'Online' mode. Since the move to 2013, when users search against a folder in a shared mailbox, the only items that are returned are unsigned messages. Our customer base very frequently
signs email and these signed messages do not show up in results. This was working in Exchange 2010 so our users are frustrated by the sudden inability to receive complete and accurate search results.
If they perform a search of their local mailbox, which is using Cached mode, they are searching against their local index and they can find signed messages. But since the shared mailbox is not cached to their local system, they are relying on the Exchange
server index and it does not seem to be indexing any signed messages.
Does anyone know how to force Exchange 2013 to index signed messages?

try to perform the below steps and check if it works or else we need to wait till Exchange 2013 SP1 which they have planned to bring digital signature message in exchange
Outlook 2007
In Outlook 2007, follow these steps to verify that indexing is complete:
In Outlook, click Tools, Instant Search, and then click
Instant Search.
When the Microsoft Office Outlook dialog appears, you should see the following:
Outlook has finished indexing all of your items.
New items are indexed when they arrive.
0 items remaining in "Mailbox -<<var>username</var>>"
0 items remaining across all open mailboxes.
Outlook 2010 and Outlook 2013
In Outlook 2010 and Outlook 2013, follow these steps to verify that indexing is complete:
In Outlook, click in the Search box.
Click the Search tab, click Search Tools, and then click
Indexing Status.
When the Indexing Status dialog appears, you should see the following:
Outlook has finished indexing all of your items.
0 items remaining to be indexed.
Exchange Queries

Error in sending signed messages to trading partners

This is what we are doing:
Setup Host and Trading Partner Delivery Channels with Non-Repudiation of Origin
and Non-Repudiation of Receipt enabled. Upload certificates on Document
Exchange setup. Assign Delivery Channels to Agreement. Transmit outbound
Text error occurs.
Here is the error:
AIP-51083: General failure creating S/MIME digital signature:
java.lang.NullPointerException
at
oracle.tip.adapter.b2b.packaging.SmimeSecureMessaging.sign(SmimeSecureMessag
ing.java:1054)
at
oracle.tip.adapter.b2b.packaging.mime.MimePackaging.createSignedMimeBodyPart
(MimePackaging.java:392)
Everyrthing works fine if we don't have signed messages and secure messages also work.
Is there additional configuration there needs to be done?
Thank you,
Lavar

Hi,
I am not sure what you did. When you export the user certificate from the Oracle Wallet using the Oracle Wallet Manager, it is already in base64 encoded format. Save this file. You do not need to recreate the trading partner. You need to replace the existing certificate with this newly saved file in your host delivery channel. One way to do this is to upload this user certificate in the B2B host page (Click on create under the Certificates section). Then go to your host delivery channel (in the capabilities page) and view your document exchange. Once you are in the Document Exchange Details page, you can see your existing signing credential. Click Update and replace the signing credential with the newly created credential using the user certificate you have exported from the Oracle Wallet. Redeploy and restart the B2B Server.
Regards,
Eng

WSM Sign Message - BinarySecurityToken ordering in Soap message

Hi,
We are trying to send X509 signed messages to a remote client who is using WSE 3.0. WSM is using a Reference URI in SecurtiyTokenReference which relates to a BinarySecurityToken. Currently the BinarySecurityToken follows the SecurityTokenReference in the SOAP message we are sending. The 3rd party has asked we ensure the BST comes first in SOAP:
Has anybody come accross this before or have any suggestions for OWSM on how to make this happen?
*{color:#ff0000}Currently:{color}*
<?xml version="1.0" encoding="UTF-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1">
<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<dsig:Reference URI="#_1wUgSgZOxWwla32XNs9alA22">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>it3C2jxQsyJg3cu4lJw1bi1yE50=</dsig:DigestValue>
</dsig:Reference>
<dsig:Reference URI="#_FZT6dshZtCCekjthPWe1BQ22">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>KRsvU/IqWlCPd8ywrmO3EAg5TTg=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>KW8qS+50jy8CQeH9dfZCOAT0yWIUJpRysEOG+yucD6wj7VgRA8VXQLkn9yuG+G85ndVXyydCDrFyapJNL8MyEa3XI/oYWaB2Q2OFCg+ctxm7wbkwN+Wgdh/nxOp9Wls447wxfwiBF9N8XIWmGwyKa103rixazzIf1l1vny7cw+M=</dsig:SignatureValue>
{color:#ff0000}<dsig:KeyInfo>
<wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#BST-1PYIu9y1RAUXT74Pde0XvQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
</dsig:Signature>
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-1PYIu9y1RAUXT74Pde0XvQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">*token in here+*</wsse:BinarySecurityToken>{color}
Should be:
<?xml version="1.0" encoding="UTF-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1">
<dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<dsig:Reference URI="#_1wUgSgZOxWwla32XNs9alA22">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>it3C2jxQsyJg3cu4lJw1bi1yE50=</dsig:DigestValue>
</dsig:Reference>
<dsig:Reference URI="#_FZT6dshZtCCekjthPWe1BQ22">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>KRsvU/IqWlCPd8ywrmO3EAg5TTg=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>KW8qS+50jy8CQeH9dfZCOAT0yWIUJpRysEOG+yucD6wj7VgRA8VXQLkn9yuG+G85ndVXyydCDrFyapJNL8MyEa3XI/oYWaB2Q2OFCg+ctxm7wbkwN+Wgdh/nxOp9Wls447wxfwiBF9N8XIWmGwyKa103rixazzIf1l1vny7cw+M=</dsig:SignatureValue>
{color:#ff0000}<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-1PYIu9y1RAUXT74Pde0XvQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">*token in here+*</wsse:BinarySecurityToken>
<dsig:KeyInfo>
<wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#BST-1PYIu9y1RAUXT74Pde0XvQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
</dsig:Signature>{color}

This is registered as BUG 8359856 with Oracle Support.

Content in S/MIME Signed Message

Hi,
In the following statement, is it possible that the content can be a multipart containing two bodyparts (one containing text and one containing file attachment), my question is : the signature is valid ? :
CertStore certs...
SMIMESignedGenerator fact = new SMIMESignedGenerator();
fact.addSigner(privKey, cert, SMIMESignedGenerator.DIGEST_SHA1);
fact.addCertificatesAndCRLs(certs);
MimeMultipart smime = fact.generate(content, "BC");
Example :
MimeBodyPart mbp1 = new MimeBodyPart();
mbp1.setText(mailContent);
mbp1.setHeader("Content-Type", "text/plain");
// Create the attachment and add it to the mail message
MimeBodyPart mbp2 = new MimeBodyPart();
FileDataSource fileAttachment = new FileDataSource(filePath);
DataHandler dh = new DataHandler(fileAttachment);
mbp2.setDataHandler(dh);
mbp2.setFileName(filename);
mbp2.setHeader("Content-Disposition", "ATTACHMENT");
Multipart multipart = new MimeMultipart("related");
multipart.addBodyPart(mbp1);
multipart.addBodyPart(mbp2);
PrivateKey key = UtilsCrypto.getPrivateKey( alias, passwd, urlpath, keystoretype);
Certificate[] chain = UtilsCrypto.getCertificateChain(alias, passwd, urlpath, keystoretype);
CertStore certsAndCRLs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(Arrays.asList(chain)), "BC");
MimeBodyPart bodyPart = new MimeBodyPart();
X509Certificate cert = (X509Certificate) chain[0];
bodyPart.setContent(multipart);
// set up the generator
SMIMESignedGenerator gen = new SMIMESignedGenerator();
gen.addSigner(key, cert, SMIMESignedGenerator.DIGEST_SHA1, null, null);
gen.addCertificatesAndCRLs(certsAndCRLs);
MimeMultipart multipartbase = gen.generate(bodyPart, "BC");
message = setHeadersMessage(message, mailModel, file);
message.setHeader("Content-Type", "Application/pkcs7-signature; smime-type=signed-data;name=smime.p7s");
message.setContent(multipartbase);
message.saveChanges();
trans.sendMessage(message, address);
Many thanks.

Hi,
Okay, this topic is a bit old, nevertheless, here is my response.
If I understand correctly, what you want is to sign a message with attachment.
You can do this with the following code:
// Body object
MimeBodyPart body = new MimeBodyPart();
body.setContent("this is a test yeah", "text/html");
// Attachment
MimeBodyPart attachment = new MimeBodyPart();
attachment.setDataHandler(new DataHandler(new FileDataSource(sendFile), "text/plain"));
attachment.setFileName("blabla.dat");
// Creat MIME message from parts
MimeMessage notyetsigned = new MimeMessage(session);
Multipart multipart = new MimeMultipart();
multipart.addBodyPart(body);
multipart.addBodyPart(attachment);
notyetsigned.setContent(multipart);
/* Sign message */
MimeMultipart mm = gen.generate(notyetsigned, "BC");
// Create signed MIME message (again)
MimeMessage signedmessage = new MimeMessage(session);;
signedmessage.setContent(mm);
// Set up the message instance attributes
signedmessage.addRecipient(Message.RecipientType.TO, new InternetAddress("[email protected]"));
signedmessage.setSubject(subject);
signedmessage.addHeader("X-Priority", "1");
// send message
Transport.send(signedmessage);
Regards,
Valéry B.

When I try to upgrade to Mountain Lion OS, after I select the "Buy App" option I get this "We could not complete your purchase. The product distribution file could not be verified. It may be damaged or was not signed" message, how can I upgrade?

When I try to upgrade to Mountain Lion OS form Lion OS, after I select the "Buy App" option I get this "We could not complete your purchase. The product distribution file could not be verified. It may be damaged or was not signed" message, what is causing this problem, how can I find a solution, is someone else having this problem?

The only thing that worked for me was to boot in safe mode.
Power down. Then press power button and hold 'shift' key until grey screen with progress bar appears... Once booted and logged in just open safari and browse to applestore.
No trouble at all once I did this.
Reminder: create full backup before you upgrade OS
Hope it helps.

OWSM customize policy step sign message

Hi,
is it possible to customize the OWSM policy step "sign message" ?
- to set the attribute mustUnderstand of the element wsse:Security to 0 (default is 1)
- to add the timestamp wsu:Expires to the security header (in addition to the wsu:Created timestamp)
Bye,
Markus

Hi Vikas,
Thanks for the reply.
I suspect that the "fiddling with the Outgoing Transport Protocol that is between OWSM Gateway and actual service" as mentioned in my original post is probably the same as "creating a custom transport messenger between gateway and service" as mentioned by you.
Any pointers to get me going, e.g. what interfaces te implement, classes to extend, how to register and manage with OWSM?
Thanks and best regards,
Sjoerd

Unable to sign message

whenever I try and send an email I get the following.
An error occurred while trying to sign this message with a certificate from ***** Verify that your certificate for this address is correct, and that its private key is in your keychain.
<E-mail Edited by Host>

Morning tsmith1972,
Article: TS4222 OS X Lion: Mail doesn't send certificate-signed message; Compose window cannot be closed may help with this.
Hope this helps,
Mario

Unable to sign message, keeps coming up

An error occurred while trying to sign this message with a certificate from “***********”. Verify that your certificate for this address is correct, and that its private key is in your keychain.
<Email edited by Host>

First, the address associated with the S/MIME public key must exactly match the address to which you're trying to send the encrypted message, or from which you're trying to send a signed message. If the message is both signed and encrypted, both addresses must match. The matching is case-sensitive: "[email protected]" does not match "[email protected]".
The signing and/or encrypting certificates must be valid: not self-signed, expired, or revoked. You can check the status of the certificate in Keychain Access (see below.)
If you can't encrypt or sign messages to a valid address with a valid certificate, continue.
Back up all data before proceeding.
Launch the Keychain Access application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad. Click Utilities, then Keychain Access in the icon grid.
Select the login keychain from the list on the left side of the Keychain Access window. If your default keychain has a different name, select that.
If the lock icon in the top left corner of the window shows that the keychain is locked, click to unlock it. You'll be prompted for the keychain password, which is the same as your login password, unless you've changed it.
Right-click or control-click the login entry in the list. From the menu that pops up, select
          Change Settings for Keychain "login"
In the sheet that opens, uncheck both boxes, if not already unchecked.
From the menu bar, select
          Keychain Access ▹ Preferences... ▹ First Aid
If the box labeled Keep login keychain unlocked is not checked, check it.
Select Keychain from the menu bar and repair the keychain.
Quit and relaunch Mail. Test. If the problem isn't resolved, continue.
Export all S/MIME certificates, delete them from the keychain, and reimport. For instructions, select
          Help ▹ Keychain Access Help
from the menu bar and search for the term "export" in the help window. Export each certificate as an individual file; don't combine them into one big file.
Test again. If the test fails, delete all the certificates again, then reinstall them from fresh copies.

Reliable Messaging in OSB

Hi all,
Do we need to create a WS-Policy and attach it to the WSDL in both the proxy service and business service to enable WS-RM in OSB?
Anybody implemented Reliable Messaging in OSB? Any tutorials or examples?
Thanks,
Firas

Hi Peter,
The links are referring to 10g which is different from the current 11g. For example there is no "ws" protocol in 11g and it still does not talk about how to implement it except may be for creating the policies and references to these policies in WSDL files but for example it does not talk if this should be implemented at client, proxy, business and backend service.
Thanks,
Firas

SSF error: Invalid signer, Message no. 1S005

Hello Everyone,
We are in the process of configuring the content server in our customer's landscape.
Post the definition of content repository and the associated storage category,in the CSADMIN section,in the certificates tab, an error that reads SSF error: Invalid signer, Message no. 1S005 is thrown up whenever we attempt to send the certificate.Toggling values of 'Security' and ' Check Signature' fields doesn't help either.
Could anyone shed light on this issue and possible solution?
Note:We have not enabled/configured digital signature strategy and all the previous posts in the forum on this topic are in-conclusive.
Regards,
Pradeepkumar Haragoldavar

Dear Pradeep
The error message "Invalid signer" actually exactly means what the
message text says: the system where the error occurred was unable
to verify the signer of a signed document, most likely because the
related certificate could not be found.
Please check the following:
- Does a PSE exist on the signing system for the intended purpose?
(check: communication with a content server) (TA STRUST)
- Does PSE use a subject name that consists of 7bit ASCII
characters only?
- Has the certificate been distributed to the receiving system ?
Which security toolkit do you use (SAPSECULIB or SAPCRYPTOLIB)?
Please check the version of your installed security toolkit (TA STRUST,
menu "Environment > Display SSF Version").
Please also check for any error messages that may occurr at the
SSF initialization phase (ST11)
if you are using SAPCRYPTOLIB for SSF, please see note 662340
Regards
Tushar Dave

Z10 can't open PGP-Signed Messages

Hi everybody,
we are a small company with about twenty Blackberry Z10 devices. Since the last OS-Upgrade our devices aren't able to display PGP-signed messages anymore. This isn't possible anymore on any of the Z10s devices that have been shown to me.
When you try to open a PGP-signed message the device works for about a minute and then displays the error message: "The message can't be downloaded in the alloted time. Check your network connections and try again." If I try to display the S/Mime-Details while the device is working on the PGP-signed message it shows the following message: "Details for this message will be available after the message is decoded. Please wait."
This tells me that the device tries to decrypt the message although it is only a signed message, which seems to be a bug. I also noted that S-Mime-signed messages are no problem and are shown as expected. Only PGP-signed messages produce this behaviour.
Can anybody confirm or deny this?
Cheers from Austria
Till

I do not know much about this issue but have been looking, info is hard to find, I hope what I did find helps.
It may be that you need to install a new Certificate.
http://docs.blackberry.com/en/admin/deliverables/14433/PGP_Support_Package_for_BlackBerry_Smartphone...
http://docs.blackberry.com/en/smartphone_users/deliverables/47561/als1342708099072.jsp

Signing message in OSB

Similar Messages

Maybe you are looking for