WSE 3.0 Trust chain error - how do i view what certificate is being sent back? I want to know what cert has the trust chain error
https://stackoverflow.com/questions/1840543
-
12-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm having a trust chain error when I receive my response in WSE 3.0.
Their cert is fine when I grab the WSDL. Their cert is fine when I connect. It likes my public cert when I send the XML request.
What WSE doesn't like is the token in the response. Microsoft.Web.Service3 calls getelement, then loadbinarysecuritytoken, but then checks the chain and doesn't like what it sees.
I'd like to know what token it doesn't like. I'm not sure how to see what the token is. It's binary data so HttpAnalyzer doesn't help much.
I can't fix the issue until I have full knowledge of what's wrong. Are they sending me the wrong cert? Is it just a cert I don't have and need to add to my personal trust? What?
Solution
You must know which certificates are involved right? Usually a client certificate and a server certificate. It sounds to me as if the the client cannot validate the server certificate that was used to sign the message the client receives. If you are using self signed certificates then you should try to add that certificate to the trusted root CA's certificate folder on the client machine. If your client is a service then you have to put it under LocalMachine (assuming the service is running as Network Service) otherwise put it under CurrentUser. Hope this points you in the right direction.
