Greetings,
I have a project where I need to make a Web-Service call to a server that requires that I sign my request using X.509. The company that has the service pointed me to the following article for instructions on how to make the call from C# and .NET 2.0: How to: Sign a SOAP Message Using an X.509 Certificate (http://msdn.microsoft.com/en-us/library/ms819963.aspx).
However, this article makes use of the WSE and this is no longer supported in .NET 3.5. I am using Visual Studio 2008 and as far as I can tell, I need to get my X.509 certificate and add it to the client certificate list, but I can't figure out how to actually SIGN the message.
This is my code:
// I created a standard Web-Reference to the Web-Service. To use it I just create the object
CustomService.PaymentAuthorization service = new CustomService.PaymentAuthorization();
System.Security.Cryptography.X509Certificates.X509Certificate2 cert =
    new System.Security.Cryptography.X509Certificates.X509Certificate2("c:\\temp\\certificate.pfx", "certPassword");
// This returns True.
bool hasPrivate = cert.HasPrivateKey;
// This returns the private Key
System.Security.Cryptography.AsymmetricAlgorithm privateKey = cert.PrivateKey;
// This tells me that the certificate was issued by Verisign
System.Security.Cryptography.X509Certificates.X500DistinguishedName distName = cert.IssuerName;
// And this tells me that my certificate is still valid.
DateTime expiration = cert.NotAfter;
// Add the certificate to the Web Service
service.ClientCertificates.Add(cert);
// Make the call to the Web-Service
CustomService.paymentInfo req = service.AuthorizePayment("Payment Parameter");
If I run this code, in the last line I get an exception that reads "Security requirements are not satisfied because the security header is not present in the incoming message." and the company's IT department claims that it's because I am not signing the message.
As an added complexity, the company might request that I use a second certificate to Encrypt the Web-Service call and I'm at a loss here.
Using WCF, how would I tell the Web-Service to sign and/or encrypt the SOAP message using the specified X.509 key? I have been reading documents on WCF for two days now and I can't seem to figure it out.
Anyone have information on where I can get instructions on how to use the WCF to Sign/Encrypt a Web-Service request using X.509?
Ivan.
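
An added example, not part of the original post and not the service vendor's code: one way a WCF client (.NET 3.5) can produce a WS-Security X.509 signature, using a custom binding with message-level mutual-certificate security. The contract `IPaymentAuthorization`, the class `SignedClient`, the `serviceCert` parameter, and the choice of SOAP 1.1 over HTTPS with WS-Security 1.0 are assumptions; the real settings must match the policy the service publishes.

```csharp
using System;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Text;

// Hypothetical contract standing in for the proxy generated by svcutil.exe.
// ProtectionLevel.Sign signs the message without encrypting the body;
// ProtectionLevel.EncryptAndSign also encrypts it to the service certificate.
[ServiceContract(ProtectionLevel = ProtectionLevel.Sign)]
public interface IPaymentAuthorization
{
    [OperationContract]
    string AuthorizePayment(string parameter);
}

public static class SignedClient
{
    // signingCert: client certificate with private key (signs the request).
    // serviceCert: the service's public certificate (assumed to be supplied
    // by the service owner); WCF uses it to verify the signed response and,
    // with EncryptAndSign, to encrypt the request.
    public static IPaymentAuthorization Create(
        Uri address, X509Certificate2 signingCert, X509Certificate2 serviceCert)
    {
        // Message-level security: the signature travels in the SOAP
        // wsse:Security header, unlike a TLS client certificate, which
        // adds nothing to the SOAP envelope.
        SecurityBindingElement security =
            SecurityBindingElement.CreateMutualCertificateBindingElement(
                MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10);
        security.IncludeTimestamp = true; // signed timestamp limits replay

        CustomBinding binding = new CustomBinding(
            security,
            new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8),
            new HttpsTransportBindingElement()); // assumption: HTTPS endpoint

        // Pin the expected service identity to the certificate we were given.
        EndpointAddress endpoint = new EndpointAddress(
            address, EndpointIdentity.CreateX509CertificateIdentity(serviceCert));

        ChannelFactory<IPaymentAuthorization> factory =
            new ChannelFactory<IPaymentAuthorization>(binding, endpoint);
        factory.Credentials.ClientCertificate.Certificate = signingCert;
        factory.Credentials.ServiceCertificate.DefaultCertificate = serviceCert;
        return factory.CreateChannel();
    }
}
```

The `ClientCertificates.Add` call in the posted code attaches the certificate at the transport (TLS) layer only, which is why the service reports a missing security header.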