Re: WSE 3.0 CertSrv Request
- From: "Techno_Dex" <nospamchurst@xxxxxxxxxxxx>
- Date: Thu, 7 Sep 2006 13:35:30 -0500
I finally stumbled across the Service log files (was looking to deep in the
directory structure). The only thing I have in that log file is an error
from yesterday before I started changing params trying to find a resolution
to the problem. That appeared to be an authentication issue, but I don't
have anything since then, so I'm pretty sure the Client proxy call isn't
getting to the Service at all. Could it have something to do with the
ASP.NET Development Server caching info like IIS would if it were running
under IIS? My understanding is that the ASP.NET Development Server runs
under the current user's credentials so it should have access to the Cert
Store. I'm still stuck. I've looked over the WSE Labs for Mutual11Security
and everything appears to be configured the same (except for the Virtual
Directories in IIS) from what I can tell. Any other thoughts??
"Pablo Cibraro [MVP]" <pcibraro@xxxxxxxxxxx> wrote in message
news:%23q568Oq0GHA.1268@xxxxxxxxxxxxxxxxxxxxxxx
mmm, it seems that something is bad configured on the server side. Take a
look to the server trace to see if you can find any error there.
Regards,
pablo.
"Techno_Dex" <nospamchurst@xxxxxxxxxxxx> wrote in message
news:uvJgyjf0GHA.1268@xxxxxxxxxxxxxxxxxxxxxxx
The InputTrace from the Client has the following error message. The
Client OutputTrace looks clean. I am unable to get the Service to spit
out any logging info when using a VS ASP.NET Development Server.
- <soap:Fault>
<faultcode>soap:MustUnderstand</faultcode>
<faultstring>System.Web.Services.Protocols.SoapHeaderException: SOAP
header Security was not understood. at
System.Web.Services.Protocols.SoapHeaderHandling.SetHeaderMembers(SoapHeaderCollection
headers, Object target, SoapHeaderMapping[] mappings, SoapHeaderDirection
direction, Boolean client) at
System.Web.Services.Protocols.SoapServerProtocol.CreateServerInstance()
at System.Web.Services.Protocols.WebServiceHandler.Invoke() at
System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()</faultstring>
</soap:Fault>
"Pablo Cibraro [MVP]" <pcibraro@xxxxxxxxxxx> wrote in message
news:OaBGs5b0GHA.3464@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I need to set the CSP to "Microsoft Enhanced Cryptographic Provider
1.0". I marked the Key Usage as Both (Exchange and Signature), set the
Key Size to 1024, checked Create new key set, Mark Keys as exportable.
I set the Hash algorithm to SHA-1
All those settings are correct, so what error are you receiving from WSE
when you try to use those certificates ?
Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
"Techno_Dex" <nospamchurst@xxxxxxxxxxxx> wrote in message
news:eirCk8SzGHA.3512@xxxxxxxxxxxxxxxxxxxxxxx
I am having a problem creating the appropriate Certificates for mutual
X509 security use our in house Cert Authority with teh CertSrv wizard.
I have not found any good documentation on what type of certificates
need to be created and which parameters need to be set in the CertSrv.
I took a look at Pablo's blog
http://weblogs.asp.net/cibrax/archive/2006/08/08/Creating-X509-Certificates-for-WSE-or-WCF.aspx
but all that does is obscure the CertSrv Template that is used to create
the desired Certifcates instead of explaining which options need to be
set.
So far I am using the Advanced request option in the CertSrv and using
the CA form option to populate the cert details. I'm assuming that the
Intended Purpose is "Server Authentication Certificate" for the WS side
and "Client Authentication Certificate" for the Client side. From
Pablo's blog is appears I need to set the CSP to "Microsoft Enhanced
Cryptographic Provider 1.0". I marked the Key Usage as Both (Exchange
and Signature), set the Key Size to 1024, checked Create new key set,
Mark Keys as exportable. I set the Hash algorithm to SHA-1.... Can
someone shed some light on what I'm missing?
.
- References:
- Re: WSE 3.0 CertSrv Request
- From: Pablo Cibraro [MVP]
- Re: WSE 3.0 CertSrv Request
- From: Techno_Dex
- Re: WSE 3.0 CertSrv Request
- From: Pablo Cibraro [MVP]
- Re: WSE 3.0 CertSrv Request
- Prev by Date: Re: WSE 3.0 CertSrv Request
- Next by Date: Re: WSE 3.0 CertSrv Request
- Previous by thread: Re: WSE 3.0 CertSrv Request
- Next by thread: Re: WSE 3.0 CertSrv Request
- Index(es):
Relevant Pages
|
