I only want to trust the server on which the web service is running but I can't get anything to work other than signatureKeyIdentifier DirectReference. All others (
IssuerSerial,X509KeyIdentifier,SKIKeyIdentifier) result in:
<processingStep description="Exception thrown: Referenced security token could not be retrieved"> at Microsoft.Web.Services3.Security.MessageSignature.CheckSignature()
at Microsoft.Web.Services3.Security.Security.LoadXml(XmlElement element)
at
Microsoft.Web.Services3.Security.Security.CreateFrom(SoapEnvelope envelope, String localActor, String serviceActor)
at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope)</processingStep>
when WSE is processing the response. I am assuming that this means that WSE can't find the matching cert to validate the signature.
My app.config contains:
<x509 skiMode="IssuerSerial"
storeLocation="CurrentUser" allowTestRoot="true" revocationMode="Offline" verificationMode="TrustedPeopleOnly" />
Yes, I've changed the skiMode to match the server wsdd for each mode.
My CurrentUser TrustedPeople contains the cert (public key only) of the web service server.
Has anyone figured this out?
Ted
Yahoo! Photos Showcase holiday pictures in hardcover
Photo Books. You design it and well bind it!
