Re: WSE 3.0 CertSrv Request
- From: "Techno_Dex" <nospamchurst@xxxxxxxxxxxx>
- Date: Wed, 6 Sep 2006 16:12:22 -0500
The InputTrace from the Client has the following error message. The
Client OutputTrace looks clean. I am unable to get the Service to spit out
any logging info when using a VS ASP.NET Development Server.
- <soap:Fault>
<faultcode>soap:MustUnderstand</faultcode>
<faultstring>System.Web.Services.Protocols.SoapHeaderException: SOAP
header Security was not understood. at
System.Web.Services.Protocols.SoapHeaderHandling.SetHeaderMembers(SoapHeaderCollection
headers, Object target, SoapHeaderMapping[] mappings, SoapHeaderDirection
direction, Boolean client) at
System.Web.Services.Protocols.SoapServerProtocol.CreateServerInstance() at
System.Web.Services.Protocols.WebServiceHandler.Invoke() at
System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()</faultstring>
</soap:Fault>
"Pablo Cibraro [MVP]" <pcibraro@xxxxxxxxxxx> wrote in message
news:OaBGs5b0GHA.3464@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I need to set the CSP to "Microsoft Enhanced Cryptographic Provider 1.0".
I marked the Key Usage as Both (Exchange and Signature), set the Key Size
to 1024, checked Create new key set, Mark Keys as exportable. I set the
Hash algorithm to SHA-1
All those settings are correct, so what error are you receiving from WSE
when you try to use those certificates ?
Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
"Techno_Dex" <nospamchurst@xxxxxxxxxxxx> wrote in message
news:eirCk8SzGHA.3512@xxxxxxxxxxxxxxxxxxxxxxx
I am having a problem creating the appropriate Certificates for mutual
X509 security use our in house Cert Authority with teh CertSrv wizard. I
have not found any good documentation on what type of certificates need to
be created and which parameters need to be set in the CertSrv. I took a
look at Pablo's blog
http://weblogs.asp.net/cibrax/archive/2006/08/08/Creating-X509-Certificates-for-WSE-or-WCF.aspx
but all that does is obscure the CertSrv Template that is used to create
the desired Certifcates instead of explaining which options need to be
set.
So far I am using the Advanced request option in the CertSrv and using
the CA form option to populate the cert details. I'm assuming that the
Intended Purpose is "Server Authentication Certificate" for the WS side
and "Client Authentication Certificate" for the Client side. From
Pablo's blog is appears I need to set the CSP to "Microsoft Enhanced
Cryptographic Provider 1.0". I marked the Key Usage as Both (Exchange
and Signature), set the Key Size to 1024, checked Create new key set,
Mark Keys as exportable. I set the Hash algorithm to SHA-1.... Can
someone shed some light on what I'm missing?
.
- Follow-Ups:
- Re: WSE 3.0 CertSrv Request
- From: Pablo Cibraro [MVP]
- Re: WSE 3.0 CertSrv Request
- References:
- Re: WSE 3.0 CertSrv Request
- From: Pablo Cibraro [MVP]
- Re: WSE 3.0 CertSrv Request
- Prev by Date: RE: WSE 3.0 and timeToleranceInSeconds element
- Next by Date: Re: How to share business layer between client server using WSE 3.0
- Previous by thread: Re: WSE 3.0 CertSrv Request
- Next by thread: Re: WSE 3.0 CertSrv Request
- Index(es):
Relevant Pages
|
