SoapUI WCF using SSL certificate
After looking around the forums and the internet in general, I was unable to find anything that answered my problem, so I have resorted to placing my question here.
Firstly, sorry if this has already had a answer supplied.
My problem is this. I have an existing C# WCF service hosting in IIS and secured by an SSL. This is working code and is currently in our Live, UAT, Test and Development environments.
I have been asked to use SoapUI for testing firstly on existing services and any new services that we are about to build.
So far, I have created the project by supplying the WDSL, setup the keystore with the SSL cert, created an outgoing and incoming WS-Sec config.
When in the request, I have created a basic authorization using the defined outgoing and incoming configs created above.
After clicking on the submit button, I get the following response.
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
</s:Header>
<s:Body>
<s:Fault>
<s:Code>
<s:Value>s:Sender</s:Value>
<s:Subcode>
<s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value>
</s:Subcode>
</s:Code>
<s:Reason>
<s:Text xml:lang="en-GB">An error occurred when verifying security for the message.</s:Text>
</s:Reason>
</s:Fault>
</s:Body>
</s:Envelope>I did see an article that inferred that I should switch the 'Enable WS_A addressing' switch off. I did this, but this just caused the submit request to timeout.
I have checked that the service is running by viewing the WSDL from the IIS server and also using the application to call the service and all is OK.
I am sure that I missed a simple step, so would be grateful for any help.
Thanks
Paul.
P.S.
I have just tried what is described in the following link and it still does not work:
Came across this article:
Sam's comments about:
<serviceSecurityAudit
auditLogLocation="Application"
serviceAuthorizationAuditLevel="Failure"
messageAuthenticationAuditLevel="Failure"
suppressAuditFailure="true"/>Worked great.
On looking at the Application Evnt Log the following message was recorded:
The description for Event ID 4 from source ServiceModel Audit 4.0.0.0 cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: http://localhost:57978/WCFService.svc http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence <null> MessageSecurityException: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security. The locale specific resource for the desired message is not present
Which leads me back to the fact that I have missed comething.
Ay ideas?
