Skip to Content
0
Former Member
Mar 26, 2009 at 08:58 AM

External Webservice with ClientCert for Auth

265 Views

Hi Experts,

I have big trouble consuming an external Webservice.

I created the ConsumerProxy from the WSDL.

The communication works with SSL and so i imported the Certificate from the remote Server into transaction strust.

So far it works good.

Now the webservice requires a client certificate for authentication. I have this certificate imported into strust for default PSE.

When I configure the consumer proxy with TA soamanager, I have no clue what to enter in the security tab. Currently I have:

Transport Security 
Security Mechanism: Document Security   
Ignore SSL Server Certificate: Check SSL Certificates  
Signature Expected:   No Signature Expected
Trustworthy Certificate PSE:  WSSKEYS
Pattern for Certificates:  Subject=*;Issuer=*;SerialNumber=*
Signed Message Elements:   Body signed
Encryption Expected:   No Encryption Expected
Add signature:   No Not Add Signature
PSE Signature Key:  WSSKEYS
Signed Message Elements:   Sign Body
Encryption:   Do not Encrypt Body
PSE of Key:  WSSCRT
Unique X.500 ID (DN):  
Encrypted Message Elements:   Encrypt Body
Message Age Expected:   No Message Age
Maximum Message Age:  180
Use WS Secure Conversation:   Use WS Secure Coonversation
 
Authentication 
Authentication Method:   X.509 ClientCertificate
Trustworthiness Method:   Vouches Uses XML Signature
Issuer:  
Name of Attester:  sam_default_attester
Validity of SAML Assertion:  180
Caching of SAML Assertions:   True
Attester System Destination:  WS_SAML_attester_default
Name of Attester:  saml_default_attester
User:  
Password:  
Client PSE:  DFAULT
 

I have searched a lot on the net for documentation on these settings, but didn´t find anything usefull.

I think the settings in the Authentication Area are wrong.

Does anybody have a hint or a link for an howto or a documentation for these settings ???

Any help would be very welcome.