0

When configuring the WCF-WebHttp security tab, I have set Security Mode to Transport, Client Credential type to Certificate.

When I go to browse for Client Cert, it comes up with the only options being Current User/My Store instead of Local Machine/Address Book. So, to see what happens, I imported my cert into the Current User/My Store. This worked fine and I imported the same cert into the Service Certificate tab. When a message is processed through the send port, an error like so occurs:

Cannot find the X.509 certificate using the following search criteria: StoreName 'My', StoreLocation 'CurrentUser', FindType 'FindByThumbprint', FindValue 'EF742FBAF0A13A7BEA859DC573308D52F0611CDB'.

When it tries to do a GET to the REST service we are trying to consume.

The configuration I'm using looks like so:

enter image description here

I'm assuming that since the BizTalk service is not running as myself, it can't find the client cert. I've also imported the cert into the Local Computer/Personal store to see if that helps, to no avail.

My question is, how can I get the correct client cert selected through the BizTalk interface? Is there a way to specify it in the Outbound Message Headers perhaps?

Dijkgraaf
  • 11,049
  • 17
  • 42
  • 54
Bensonius
  • 1,501
  • 1
  • 15
  • 39

1 Answers1

1

Certificate Usage Scenarios for the WCF Send Ports

Log on to each computer running BizTalk Server that will host the send ports as each host instance service account, and import the client certificate to the Current User \ Personal (My) store.

You can also do this by just launching the MMC as the BizTalk Service Account user.

Dijkgraaf
  • 11,049
  • 17
  • 42
  • 54
  • Thanks, I was just coming back to say I actually read the docs and saw this part. It looks like it worked, but now I'm getting the `Could not establish secure channel for SSL/TLS with authority` error, but that's a different question :) – Bensonius Jan 30 '19 at 00:01