4.2.1.2 GetPolicies Example Request using Certificate Authentication

The following snippet demonstrates a call to the GetPolicies message using <AuthPolicy> "Certificate".

 <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:a="http://www.w3.org/2005/08/addressing"
    xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
    xmlns:ac="http://schemas.xmlsoap.org/ws/2006/12/authorization">
   <s:Header>
     <a:Action s:mustUnderstand="1">
       http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy/IPolicy/GetPolicies
     </a:Action>
     <a:MessageID>urn:uuid:72048B64-0F19-448F-8C2E-B4C661860AA0</a:MessageID>
     <a:ReplyTo>
       <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
     </a:ReplyTo>
     <a:To s:mustUnderstand="1">
       https://enrolltest.contoso.com/ENROLLMENTSERVER/DEVICEENROLLMENTWEBSERVICE.SVC
     </a:To>
     <wsse:Security s:mustUnderstand="1">
       <u:Timestamp>
         <u:Created>2015-06-13T21:13:37Z</u:Created>
         <u:Expires>2015-06-13T21:18:37Z</u:Expires>
       </u:Timestamp>
      <wsse:BinarySecurityToken  ValueType=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" Id="uuid-29801C2F-F26B-46AD-984B-AFAEFB545FF8" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary">B64EncodedSampleBinarySecurityToken
       </wsse:BinarySecurityToken>
       <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
         <SignedInfo>
           <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
           <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
           <Reference URI="">
             <Transforms>
               <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
             </Transforms>
             <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
             <DigestValue>hash</DigestValue>
           </Reference>
         </SignedInfo>
         <SignatureValue>signature</SignatureValue>
         <KeyInfo>
           <wsse:SecurityTokenReference>
             <wsse:Reference URI="29801C2F-F26B-46AD-984B-AFAEFB545FF8" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509" />
           </wsse:SecurityTokenReference>
         </KeyInfo>
       </Signature>
     </wsse:Security>
   </s:Header>
   <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:xsd="http://www.w3.org/2001/XMLSchema">
     <GetPolicies
        xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy">
       <client>
         <lastUpdate xsi:nil="true"/>
         <preferredLanguage xsi:nil="true"/>
       </client>
       <requestFilter xsi:nil="true"/>
     </GetPolicies>
   </s:Body>
 </s:Envelope>