question

ITMemberAHE-1270 avatar image
0 Votes"
ITMemberAHE-1270 asked JiayaoWu-MSFT commented

Sending soap request with X509 Certificate that uses sha256 signing algorithm

I'm trying to make a soap service.

To send request I need to use X509 Certificate. I used X509Certificate2 class for that purpose, because client that was generated automatically had this one. The problem is that its keys are System.Security.Cryptography.RSACryptoServiceProvider class that accepts only "http://www.w3.org/2000/09/xmldsig#rsa-sha1" signature algorithm. In our case sha256 signature algorithm is needed.

Have you got any idea how can I deal with that?

Code looks like this:

  SoapService.GetOrderStatusRequest request = new SoapService.GetOrderStatusRequest()
         {
             orderId = Int32.Parse(txtID.Text),
             requestHeader = new SoapService.RequestHeader() 
             { 
                  institutionId = 123, 
                  requestId = "aeacbff8-ba6d-4a01-8e76-0b4384c24721", 
                  system = "Test" 
             }
         };
         var cert = new X509Certificate2(AppDomain.CurrentDomain.BaseDirectory + "//cert.p12", "Passs123");
    
         client.ChannelFactory.Credentials.ClientCertificate.Certificate = cert;
         client.ClientCredentials.ClientCertificate.Certificate = cert;
    
         SoapService.GetOrderStatusResponse response = client.getOrderStatus(request);
         txtResult.Text = response.order.name;
dotnet-csharpwindows-wcf
· 6
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @ITMemberAHE-1270 ,
You may check out the answers in this link and the links in the comments to see if they help you : how-do-i-properly-sign-a-soap-message-with-sha2-in-c .


0 Votes 0 ·

Unfortunately, that solution doesn't work for me. :/

0 Votes 0 ·

I got another error: The X.509 certificate OID.=U, OID.=BR:PL-4, CN=Organization, OU=Organization, O=Organization, C=PL chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust.

0 Votes 0 ·

0 Answers