Geeks With Blogs
Ganesh Narayanan's BizTalk Hints MCTS
 
I had to go through several Blogs and spend several hours trying to configure my BizTalk project to use Client Certificate Mapping, SSL, and WsHttp Adapter.

These are the steps that were needed to make this combination work:

1. Enable Anonymous Access in IIS for the Web Site

2. Setup Certificate Mapping in IIS

3.Enable "Require SSL"

4. Edit the Web.Config file and make sure that the System.ServiceModel looks like this:

<system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="CertificateWithTransport">
                <security mode="Transport">
                    <transport clientCredentialType="Certificate" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <behaviors>
        <serviceBehaviors>
            <behavior name="ServiceBehaviorConfiguration">
                <serviceDebug httpHelpPageEnabled="false" httpsHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
                <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <services>
        <!-- Note: the service name must match the configuration name for the service implementation. -->
        <service name="Microsoft.BizTalk.Adapter.Wcf.Runtime.BizTalkServiceInstance" behaviorConfiguration="ServiceBehaviorConfiguration">
            <!--<endpoint name="HttpMexEndpoint" address="mex" binding="mexHttpBinding" bindingConfiguration="" contract="IMetadataExchange" />-->
            <!--<endpoint name="HttpsMexEndpoint" address="mex" binding="mexHttpsBinding" bindingConfiguration="" contract="IMetadataExchange" />-->
            <endpoint name="HttpsMexEndpoint" address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport" contract="IMetadataExchange" />
        </service>
    </services>
</system.serviceModel>

5. In the BizTalk Adapter Settings, make sure that you select "Transport" and "Certificate".

 
Posted on Saturday, June 20, 2009 1:02 PM | Back to top


Comments on this post: Using Client Authentication Certificate Mapping with SSL, WsHttp in BizTalk

# re: Using Client Authentication Certificate Mapping with SSL, WsHttp in BizTalk
Requesting Gravatar...
I also managed to make this work, but I have *not* managed to do party resolution based on client certificate. The problem seems to be that the WindowsUser context property is not set. It is with the SOAP adapter. And it is with the WCF adapter if I use clientCredentialType="Windows". Do you have a solution for this? Ideally, I would like to use the certificate info directly without mappning to a user in IIS, but that doesn't seem to work with the SOAP adapter either.
Left by Henrik Olsson on Sep 16, 2009 10:11 AM

# Certificate Authentication
Requesting Gravatar...
Hi,
Thank you for sharing code! This can be a great help for those seeking to follow the blog.


Certificate Authentication
Left by Jorge Vhog on Jun 06, 2013 6:01 AM

# Certificate Authentication
Requesting Gravatar...
Hi,
Thank you for sharing code! This can be a great help for those seeking to follow the blog.


Certificate Authentication
Left by Jorge Vhog on Jun 06, 2013 6:01 AM

Your comment:
 (will show your gravatar)


Copyright © Ganesh Narayanan | Powered by: GeeksWithBlogs.net