Hi @Claudia Murialdo ,
In general, the wcf service can be configured in the.NET client by doing the following:
- Create a new project and add the url to the wsdl. A new project is generated with a sample request for your service.
- Use right click of the mouse in the project to open the “Project view”.
- Navigate to the “WS-Security Configurations” tab.
- Select the “Keystores” tab and add the certificate with private key so you can sign the request.
- Go to the “Outgoing WS-Security Configurations” and add a new configuration.
- Add in the newly created configuration a “Signature”.
- Configure the keystore that you’ve added.
- Use “Binary Security Token” as Key Identifier Type.
- Set the right Algorithms that you have configured in the service. For better security the default use SHA1 is not a best practice anymore. You could change the configuration in the WCF service to algorithmSuite=”Basic256Sha256Rsa15″ in the message element of the binding. This article makes the case. Then use RSA-SHA256 for signature algorithm, XML-EXC-C14n# for Signature Canonicalization and XMLENC#SHA256 for the Digest Algorithm.
- Check the “Use single certificate” checkbox.
- By default SoapUI signs the whole request but that isn’t the default by WCF so you have to set the parts that you want to sign. So add as Name “To”, Namespace “http://www.w3.org/xxx/xxx/xx” (this is a example ,put yours in it) and set Encode to “Element”.
- Add a timestamp and set it to 300. Use milisecond precision.
- Check the order on the left. So first signature and then timestamp.
And if you want to view information about WS-Security, refer to the following page.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.