- This topic has 4 replies, 1 voice, and was last updated 9 years, 2 months ago by
.
-
Posts
-
-
We’re calling a web service through a WCF custom adapter. Security is mutual x509 certificates. We’ve installed our client cert and the cert we received from the web service as client and service certificates respectively.
We get a response from the web service and this error:
Error details: System.ServiceModel.Security.MessageSecurityException: Cannot resolve KeyInfo for verifying signature: KeyInfo ‘SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 1,
Clause[0] = X509ThumbprintKeyIdentifierClause(Hash = 0x(thumbprint of our service cert)
)
‘, available tokens ‘SecurityTokenResolver
(
TokenCount = 1,
TokenEntry[0] = (AllowedReferenceStyle=External, Token=System.ServiceModel.Security.Tokens.WrappedKeySecurityToken, Parameters=System.ServiceModel.Security.Tokens.WrappedKeySecurityTokenParameters:
InclusionMode: Once
ReferenceStyle: Internal
RequireDerivedKeys: False)
)Looking for help from anyone who might have seen this before. We’ve decoded the cert thumbprint and confirmed it is the same as what we have placed in the ServiceCertificate setting inside the ClientCredentials > ServiceCertificate setting in the Behavior tab. We’re using mutualCertAuth in our Security binding.
-
Hi, I’ve seen once errors connected to Keys also. In my case – I didn’t fefine something called Public Key. (Or Private? Don’t remember) – anyway, after the key was defined – the problem is gone.
-
Thanks for the reply. Do you remember where you had to set this key? For instance we’re using a wcf adapter custom binding, and we’ve defined the public key of the service under the ServiceCertificate inside of the Behaviors > ClientCredentials extension. Does that ring a bell?
-
Hi,
No, After I installed certificate on my machine, actually who defined this stuff – is someone else, but I googled, and found this article – it’s the direction to check:
http://msdn.microsoft.com/en-us/healthvault/bb814945.aspx
Not in adapter, but on the machine. But, maybe the definitions you work – are other than mine.
-
-
-
I am the person who originally asked for help. In our case the solution was to change the authenticationMode in our WCF Custom adapter from “MutualCertificate” to “MutualCertificateDuplex”. The difference being the use of symmetric encryption vs asymmetric; the duplex setting calls in asymmetric and apparently that’s what the Java service is using.
To be clear; we have a send port using WCF-Custom. On the binding tab we selected customBinding. Under the binding element there is a Security group; the authenticationMode is there.
-
- The forum ‘BizTalk 2004 – BizTalk 2010’ is closed to new topics and replies.