codingdir logo sitemap sitemap |

BizTalk WCF-BasicHttp Adapter does not allow Empty string for Service Certificate Props

By : , Category : ssl

That's because when you select Transport type security with certificate you are telling it to use certificates to both authenticate yourself and the server you are connecting too.

You should be able to obtain the certificate you need for the Service Certificate just by browsing to the web service and then using the browser to copy the certificate to a file and then installing it into the Other People store in the Local Machine location and putting the Thumbprint into the ServiceCertificate setting. If that does not work, as the owners of the service to send you the public cert. In fact to use the service with client certificate authentication, you will most likely have to send your public certificate to the owner of the web service.

If the service does not have a SSL/TSL certificate then you cannot use it with security Transport as the transport layer is not secure.

ReLated :

Seems reasonably clear in that article to me

The Client Certificate is the one you hold the private key for and is used for signing your messages so the recipient can verify who you are.

certificate for authenticating this send port to services

The Service Certificate is the public key of the service you are connecting too. This way it can verify that you are connecting to who you think you are connecting too.

certificate for authenticating the service to which this send port sends messages

This is not required "The default is an empty string." however it is a security feature that prevents someone successfully being able to spoof the web service and intercepting your payload if they manage to poison the DNS entry.

So, it turns out, that in order to get it to work, I had to provide the Service's identity in the top portion. I noticed that putting anything in the Endpoint Identity dialog, after saving, a nice little bit of XML is written to the WCF-BasicHttp dialog after.

  <dns value="" />
  <certificateReference storeName="My" storeLocation="LocalMachine" x509FindType="FindByThumbprint" findValue="[thumbprint]" isChainIncluded="False" />

with only the lower portion filled out as in my question above, it provides the <certificateReference> portion, but the <dns value="" /> does not show up until you provide something in one of the textboxes in the "General" section. It worked when I provided either the DNS, or the Base64 of the server certificate.

So, I guess the answer is, once you fill out one of the sections, both are required, the send port is not going to automatically guess on the endpoint based on the address.

Seems to me your pipelines are to blame. If you are using XMLTransmit/XMLReceive, try moving towards PassThruTransmit & PassThruReceive pipelines.

It looks to me that way because the Receive event of the send port is perfect in respect to timing, only the Send event takes ages.

Just to be sure: you're not using any special WCF behaviors/inspectors?

roxor, I believe that you are correct in the suspicion that you need to host the adapter service and I agree that it makes no sense. I simply do not think this is a scenario currently 'properly' covered by BizTalk Services.

The adapter service has been introduced to support integration with several on-premises systems, SQL Server amongst them -

The BizTalk Adapter Service feature allows an application in the cloud to communicate with a Line-of-Business (LOB) system on-premise, in your network, behind your firewall. Using the LOB adapters in the BizTalk Adapter Pack (BAP), a BizTalk Adapter Service application can execute LOB operations to the following on-premise LOB systems: • Microsoft SQL Server

• Oracle Database

• Oracle E-Business Suite


• Siebel eBusiness Applications


It does that by utilising Windows Azure Service Bus' Relay service. I don't think that Windows Azure SQL Database natively fits the model and although I can see how it can be done it does seem very awkward and quite pointless. In my humble opinion this article shouldn't have been published.

I would imagine that integration with SQL Database would be added to WABS natively eventually, until then, if it was down to me, I'd front it with a web service. Makes sense architecturally anyway.


Message :
Login to Add Your Comments .
How to disable registered OpenCL platforms on Windows?
Is Observable broken in Angular 2 Beta 3?
Cross-thread operation not valid when using Invoke
How to pass an IEnumerable or queryable list of properties from Controller to View
Finding numbers after a certain keyword using Python
Pocketsphinx recognizes random phrases in a silence
Passing non-thread-safe objects through thread-safe containers
React scroll nav
BizTalk WCF-BasicHttp Adapter does not allow Empty string for Service Certificate Props
Why property ''cause" of Exception is repeating forever?
Privacy Policy 2017 © All Rights Reserved .