0

I am facing an issue while trying to consume a WCF web service which requires mutual authentication and message signing using X509 certificate. I have already implemented mutual authentication using X509 certificate, but I am facing an issue while trying to implement message signing. I have successfully installed certificates on my machine. the error message I am getting is:

Signature verification failed

Please note I have successfully tested this application in SoapUI. But I am facing issue while trying to implement the same in C#.

My code:

public override void SecureMessage(SoapEnvelope envelope, Security security)
{
        // Get an X.509 certificate for signing the SOAP message.
        X509SecurityToken signatureToken = GetSecurityToken("subjectname");

        if (signatureToken == null)
        {
            throw new SecurityFault("Message Requirements could not be satisfied.");
        }

        // Add the X.509 certificate to the header.
        security.Tokens.Add(signatureToken);

        // Specify that the SOAP message is signed using this X.509
        // certificate.
        MessageSignature sig = new MessageSignature(signatureToken);
        security.Elements.Add(sig);
    }

    public X509SecurityToken GetSecurityToken(string subjectName)
    {
        X509SecurityToken objX509SecurityToken = null;
        X509Store objX509Store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        objX509Store.Open(OpenFlags.ReadOnly);

        try
        {
            X509Certificate2Collection objX509Certificate2Collection = objX509Store.Certificates.Find(X509FindType.FindBySubjectName, subjectName, true);

            X509Certificate2 objX509Certificate2;

            if (objX509Certificate2Collection.Count == 1)
            {
                objX509Certificate2 = objX509Certificate2Collection[0];
                objX509SecurityToken = new X509SecurityToken(objX509Certificate2);
            }
            else
            {
                objX509SecurityToken = null;
            }
        }
        catch (Exception ex)
        {
            objX509SecurityToken = null;
        }
        finally
        {
            if (objX509Store != null)
                objX509Store.Close();
        }

        return objX509SecurityToken;
    }
marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
shobhit
  • 31
  • 1
  • 4
  • 1
    You'll need to **at least SHOW some code** before anyone can even begin to help .... – marc_s Jun 28 '15 at 08:37
  • marc- I have edited the question, above is the code i am using for message signing. i need to know how to add this token to my web service request soap header. – shobhit Jun 28 '15 at 08:50
  • 2
    i have solved this issue. below is the reference link if someone is facing the same issue: http://stackoverflow.com/questions/14740369/wcf-soap-1-1-and-ws-security-1-0-client-certificate-transport-auth-service-cer/14821814#14821814 – shobhit Jul 03 '15 at 13:36

0 Answers0