"Matthew Sajdera" <msajdera@ncen.com> wrote in message
news:2c271c92.0407231334.1e66c38c@posting.google.com...
> All -
>
> We continue to have a problem with a simple signed response using WSE
> 2.0.
>
> We keep getting the following error message:
>
> "The signature or decryption was invalid"
>
> Our client is .Net using WSE 2.0. The Service is a WebLogic web
> service.
> I'm using a Cert generated by our Cert Authority to generate a Client
> Authentication Certificate, Microsoft Base Crypto v1.0, Key Usage -
> Both, Hash Algorithm SHA-1.
> The request gets processed properly by the server, but the response
> keeps failing with the above message.
>
> What should I look at next and / or change? I have a feeling it's how
> I'm creating the cert, but I'm not sure.
>
> Thanks,
>
> - Matt Sajdera
> - msajdera@ncen.com

"Matthew Sajdera" <msajdera@ncen.com> wrote in message
news:2c271c92.0407231334.1e66c38c@posting.google.com...
> All -
>
> We continue to have a problem with a simple signed response using WSE
> 2.0.
>
> We keep getting the following error message:
>
> "The signature or decryption was invalid"
>
> Our client is .Net using WSE 2.0. The Service is a WebLogic web
> service.
> I'm using a Cert generated by our Cert Authority to generate a Client
> Authentication Certificate, Microsoft Base Crypto v1.0, Key Usage -
> Both, Hash Algorithm SHA-1.
> The request gets processed properly by the server, but the response
> keeps failing with the above message.
>
> What should I look at next and / or change? I have a feeling it's how
> I'm creating the cert, but I'm not sure.
>
> Thanks,
>
> - Matt Sajdera
> - msajdera@ncen.com

"Byron Kim" <byronKim@online.microsoft.com> wrote in message
news:4106b751$1@news.microsoft.com...
> I suspect client receives x509 signed message but the STR has KeyName
which
> is not supported by WSE by default.
>
> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
>
> <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-_5">
>
> - <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
>
> <dsig:KeyName>CN=WSE2QuickStartClient</dsig:KeyName>
>
> </dsig:KeyInfo>
>
> - <xenc:CipherData>
>
> So, you need to override
> X509SecurityTokenManager.LoadTokenFromKeyInfo(KeyInfo keyInfo)
>
> And return X509token for signature verification
>
> Byron KIM
>
> "Matthew Sajdera" <msajdera@ncen.com> wrote in message
> news:2c271c92.0407231334.1e66c38c@posting.google.com...
> > All -
> >
> > We continue to have a problem with a simple signed response using WSE
> > 2.0.
> >
> > We keep getting the following error message:
> >
> > "The signature or decryption was invalid"
> >
> > Our client is .Net using WSE 2.0. The Service is a WebLogic web
> > service.
> > I'm using a Cert generated by our Cert Authority to generate a Client
> > Authentication Certificate, Microsoft Base Crypto v1.0, Key Usage -
> > Both, Hash Algorithm SHA-1.
> > The request gets processed properly by the server, but the response
> > keeps failing with the above message.
> >
> > What should I look at next and / or change? I have a feeling it's how
> > I'm creating the cert, but I'm not sure.
> >
> > Thanks,
> >
> > - Matt Sajdera
> > - msajdera@ncen.com
>
>