Hi, Just a bit of background about my environment and problem: I am using JBoss 4.2.3 and JBoss metro for my web services. I am trying to test my web service with security using SOAtest6.2. I also have a servlet based client for my web service. I have enfored WS-Security policy using WSIT. Now when i use servlet based client everything works perfectly ok, however when i use SOAtest6.2 using the same keystore and truststore (which i have used for servlet based client) it doesn't seem to be working. I am getting the following error at server side: ERROR [com.sun.xml.wss.logging.impl.opt.crypto] WSS1913: Key used to decrypt EncryptedKey cannot be null ERROR [com.sun.xml.wss.logging.impl.opt.crypto] WSS1927: Error occured while decrypting EncryptedKey I don't know where things are going wrong here. Not sure what other information i should provide at the moment, however i will provide any information as and when required. Thanks