views:

232

answers:

2

I have an 3rd party SOAP web service. I need to make a call to one of its methods. The request needs to be signed. How can I sign the request?

A: 

I assume by signing you mean that you sign the message using a certificate that is installed on the client side.

Doing this is relatively easy in WCF. Assuming you are using the wsHttpBinding in the security element you have to set the mode to SecurityMode.Message. You also have to set the clientCredentialType of the message element to MessageCredentialType.Certificate.

Then, you would have to set up a endpoint behavior and configure the clientCertificate element (which is a child of the clientCredentials element) to indicate where the client certificate is stored.

Even if you aren't using the wsHttpBinding, the configuration is pretty much the same for most of the other bindings when you want to use a client certificate to provide message-level security.

If you are making the call over HTTPS, then note that you will have to set the mode attribute on the security element to Mode.TransportWithMessageCredential.

casperOne
You are correct, I am talking about signing the request with a certificate sitting on the machine making the request.
Mr Bell
I was using basicHttpBinding because thats what the utility generate by default, i switched it to wsHttpBinding by just replacing it in the web.config. When I make my request I get the error: "The request was aborted: Could not create SSL/TLS secure channel."
Mr Bell
@Mr Bell: You should be able to set the security mode on the basicHttpBinding as well using the same attributes.
casperOne
When I look at the raw request being made (from the trace file) it doesnt mention anything about a signature
Mr Bell
+1  A: 

The following is a question that was asked about using WCF to use the Amazon SOAP service which requires signing. I think the answer gives a great example, which might help with your situation.

How to sign an Amazon web service request in .NET with SOAP and without WSE

Edit: There was evidently some confusion about the link to this other StackOverflow question. I would like to point out the highest voted chosen answer. It is most definitely a WCF solution. You will notice the class SigningMessageInspector which inherits from IClientMessageInspector (a WCF interface). I think this section might help you.

Tim C
It also doesn't do it using WCF.
casperOne
@casperOne - Following Tim's link, one large answer says "I ended up updating the code to use WCF...". How is that not using WCF?
Ecyrb
@Tim C: The only answer at the time you posted the link was this: http://stackoverflow.com/questions/1204191/how-to-sign-an-amazon-web-service-request-in-net-with-soap-and-without-wse/1204671#1204671 which most definitely did not have a WCF solution.
casperOne