Using VS2019, ASP.NET project running .NET 4.0.
I created the SOAP client by adding the Service Reference to the WSDL file. Now I'm configuring the certificate and the method calls.
This way worked with the old SOAP server, but now the SOAP server has changed. I tested with SoapUI using the same Basic Auth configuration and it works perfectly, but not with my .NET 4.0 client...
Web.config
<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="PLATAFORMA">
        <textMessageEncoding messageVersion="Soap11WSAddressing10" />
        <security
          authenticationMode="MutualCertificateDuplex"
          messageProtectionOrder="SignBeforeEncrypt"
          messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
          <secureConversationBootstrap />
        </security>
        <httpsTransport />
      </binding>
    </customBinding>
  </bindings>
  <behaviors>
    <endpointBehaviors>
      <behavior name="CERT">
        <clientCredentials>
          <clientCertificate findValue="ClientCert" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
          <serviceCertificate>
            <defaultCertificate findValue="*.ServerCert.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <client>
    <endpoint
      address="endpointURI"
      binding="customBinding"
      bindingConfiguration="PLATAFORMA"
      behaviorConfiguration="CERT"
      contract="ServiceReference1.RequestPort1"
      name="Request.Request1">
      <identity>
        <dns value="*.ServerCert.com" />
      </identity>
    </endpoint>
  </client>
</system.serviceModel>
XML outgoing header (caught with an interceptor):
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<a:Action s:mustUnderstand="1">peticionSincrona</a:Action>
<a:MessageID>urn:uuid:e3a5c4bd-f159-48c1-8f3f-cf22da6b7e3b</a:MessageID>
<ActivityId CorrelationId="035f2491-0772-4b1e-a286-9be30720d5ea" xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics">4d7f76c2-0486-4a81-93ad-32aecf02b035</ActivityId>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo9ph/BcvvnBFuLQYdch+LyYAAAAAHsOKxYeqzk+Do5pQmamNIPUdiXOiYjpBl1dsV5pp+SMACQAA</VsDebuggerCausalityData>
</s:Header>
I understand that some information is needed. How can I specify that it should sign as XMLDsig? Why is it not soap/envelope/encoding? I need help configuring the SOAP client.
The server returns error 500 with a default Tomcat error; it is not even a soapenv:fault or similar. I think the request envelope is not being generated properly.
EDIT: Must be over soap11
Is this the client configuration generated after changing the SOAP server? If it requires Basic authentication, why do we not need to provide a username/password, but just need to provide a client certificate (according to the binding type)?
I suggest you re-generate the client proxy class by adding the service reference again. This also generates a proper configuration in the Web.config file.
Besides, since the server changes, the server’s certificate used to implement HTTPS security may also change, so the default certificate we provide on the client-side should also be changed.
<serviceCertificate>
  <defaultCertificate findValue="*.ServerCert.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
</serviceCertificate>
Mutual certificate authentication requires a trust relationship between the client and the server.
<security
authenticationMode="MutualCertificateDuplex"
Not only do we need to install a client certificate on the new server in order to trust the client, we also need to install the server’s certificate on the client-side.
For details, see:
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/transport-security-with-certificate-authentication
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-certificate-client
Feel free to let me know if there is anything I can help with.
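The certificate lookups that the Web.config above asks WCF to perform can be checked directly, as in this added example (not code from the question or the answer). It is a console program that repeats both `FindBySubjectName` searches against `CurrentUser\My`; the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

static class CertCheck
{
    // Repeats the store lookup configured for <clientCertificate> or
    // <defaultCertificate> and reports conditions that break the handshake.
    static bool Check(string label, string findValue, bool needsPrivateKey)
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly: false, so expired or untrusted matches are listed too.
            X509Certificate2Collection hits = store.Certificates.Find(
                X509FindType.FindBySubjectName, findValue, false);
            Console.WriteLine("{0}: {1} match(es) for '{2}'", label, hits.Count, findValue);

            // FindBySubjectName is a substring match: zero matches means the
            // certificate is not installed, several means the lookup is ambiguous.
            bool ok = hits.Count == 1;
            foreach (X509Certificate2 c in hits)
            {
                Console.WriteLine("  {0} thumbprint={1} notAfter={2:yyyy-MM-dd} privateKey={3}",
                    c.Subject, c.Thumbprint, c.NotAfter, c.HasPrivateKey);
                // NotBefore and NotAfter are reported in local time.
                if (DateTime.Now < c.NotBefore || DateTime.Now > c.NotAfter)
                {
                    ok = false;
                    Console.WriteLine("  -> outside its validity period");
                }
                if (needsPrivateKey && !c.HasPrivateKey)
                {
                    ok = false;
                    Console.WriteLine("  -> no private key, cannot be used to sign");
                }
            }
            return ok;
        }
        finally { store.Close(); }
    }

    static int Main()
    {
        // findValue strings copied from the Web.config in the question.
        bool client = Check("clientCertificate", "ClientCert", true);
        bool server = Check("serviceCertificate", "*.ServerCert.com", false);
        return client && server ? 0 : 1;
    }
}
```

Because the configuration uses `storeLocation="CurrentUser"`, run the check under the same account that runs the ASP.NET application; each user has a separate `My` store.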