Format for pkcs#10 request, EJBCA


I'm trying to send a pkcs10Request to EJBCA via the SOAP web service. The method signature is (from the docs):

CertificateResponse pkcs10Request(java.lang.String username,
                                  java.lang.String password,
                                  java.lang.String pkcs10,
                                  java.lang.String hardTokenSN,
                                  java.lang.String responseType)
where
    pkcs10 - the base64 encoded PKCS10 (only the public key is used.)
    username - the unique username
    password - the password sent with editUser call    
    hardTokenSN - Hard Token support was dropped since 7.1.0. Use null as this parameter
    responseType - indicating which type of answer that should be returned, one of the CertificateHelper.RESPONSETYPE_ parameters.

The goal is to generate a certificate for a user. The PKCS#10 was made with Java keytool, and looks like this:

-----BEGIN NEW CERTIFICATE REQUEST-----
...
-----END NEW CERTIFICATE REQUEST-----

I send the request like this:

Pkcs10Request request = new Pkcs10Request();
request.setArg0(certRqDto.getUsername());
request.setArg1(certRqDto.getPassword());
request.setArg2(certRqDto.getPkcs10());
request.setArg3(null);
request.setArg4("CERTIFICATE");

JAXBElement<Pkcs10Request> element = objectFactory.createPkcs10Request(request);
JAXBElement<Pkcs10RequestResponse> response = (JAXBElement<Pkcs10RequestResponse>) wsClient.getWebServiceTemplate()
        .marshalSendAndReceive(element, new SoapActionCallback(EMPTY_ACTION_STRING));

But I'm getting an error, and in EJBCA's log I see this:

2021-05-18 09:33:00,429 DEBUG [org.cesecore.certificates.certificate.request.RequestMessageUtils] (default task-2) Message not base64 encoded? Trying as binary: Error in input buffer, missing -----BEGIN NEW CERTIFICATE REQUEST----- boundary
2021-05-18 09:33:00,429 WARN  [org.cesecore.certificates.certificate.request.PKCS10RequestMessage] (default task-2) PKCS10 not initiated! unknown tag 13 encountered
...
2021-05-18 09:33:00,431 ERROR [org.jboss.as.ejb3.invocation] (default task-2) WFLYEJB0034: EJB Invocation failed on component CertificateCreateSessionBean for method public abstract org.cesecore.certificates.certificate.request.CertificateResponseMessage org.cesecore.certificates.certificate.CertificateCreateSessionLocal.createCertificate(...)
...
Caused by: java.lang.NullPointerException
    at org.cesecore.certificates.certificate.request.PKCS10RequestMessage.verify(PKCS10RequestMessage.java:444)
    at org.cesecore.certificates.certificate.request.PKCS10RequestMessage.verify(PKCS10RequestMessage.java:430)

If I'm not mistaken, the reason is in pkcs10. But it contains the substring "-----BEGIN NEW CERTIFICATE REQUEST-----". I can't understand what format I must send the PKCS#10 in. I'm new to this, please help.

There are 1 answers

Radik Gimadiev

Sending the request without the header -----BEGIN NEW CERTIFICATE REQUEST----- and the footer helped me.
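
A pre-flight check that applies the fix from the answer above, added here as an example and not part of the original post or of EJBCA: it strips the PEM boundary lines and whitespace, then confirms the remainder decodes to one complete DER SEQUENCE before the value is passed to `setArg2`. The class name `Pkcs10Normalizer`, its method and the sample value are assumptions; the sample is a constructed five-byte stand-in, not a real CSR.

```java
import java.util.Base64;

public final class Pkcs10Normalizer {

    /** Returns the bare, single-line base64 of the CSR, or throws if it is not one DER SEQUENCE. */
    public static String toBareBase64(String csr) {
        // Drop any PEM boundary line (keytool writes "NEW CERTIFICATE REQUEST") and all whitespace.
        String body = csr
                .replaceAll("-----(BEGIN|END) [A-Z0-9 ]+-----", "")
                .replaceAll("\\s+", "");
        byte[] der;
        try {
            der = Base64.getDecoder().decode(body);
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException("CSR body is not valid base64", e);
        }
        // A PKCS#10 CertificationRequest is a SEQUENCE, so the first byte must be 0x30.
        // With the armor left in, a binary parser sees '-' (0x2D) first, which is tag number 13.
        if (der.length < 2 || der[0] != 0x30) {
            throw new IllegalArgumentException("decoded CSR is not an ASN.1 SEQUENCE");
        }
        // Parse the DER length (short or long form) and require it to cover the input exactly.
        int first = der[1] & 0xFF;
        int headerLen = 2;
        long contentLen = first;
        if (first >= 0x80) {
            int n = first & 0x7F;
            if (n == 0 || n > 4 || der.length < 2 + n) {
                throw new IllegalArgumentException("unsupported or truncated DER length");
            }
            contentLen = 0;
            for (int i = 0; i < n; i++) {
                contentLen = (contentLen << 8) | (der[2 + i] & 0xFF);
            }
            headerLen = 2 + n;
        }
        if (headerLen + contentLen != der.length) {
            throw new IllegalArgumentException("CSR is truncated or has trailing data");
        }
        return body;
    }

    public static void main(String[] args) {
        // Constructed sample: base64 of DER bytes 30 03 02 01 00, wrapped in keytool-style armor.
        String keytoolPem = "-----BEGIN NEW CERTIFICATE REQUEST-----\n"
                + "MAMCAQA=\n"
                + "-----END NEW CERTIFICATE REQUEST-----\n";
        System.out.println(toBareBase64(keytoolPem));
    }
}
```

In the question's client code the call would become `request.setArg2(Pkcs10Normalizer.toBareBase64(certRqDto.getPkcs10()))`, so a malformed CSR is rejected on the client instead of surfacing as a NullPointerException on the server.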