How to consume an SSL-enabled web service using BizTalk Server?

I am very new to certificates and need to know the list of steps required to consume a certificate-enabled web service.

1. Is it mandatory to use the MIME/AS2 component to consume an SSL-enabled web service?

2. In my scenario I have three certificates: (1) root, (2) intermediate and (3) a certificate which I need to configure as the client certificate. I have to use all these certificates. Can anyone let me know which certificate directory I have to install them in? I already tried permutations and combinations but it is not working.

3. I am consuming a Java SSL-enabled web service and we have only the request and response schemas. The vendor is not sharing their WSDL. We are just trying to post data to their web service but are unable to make it work.

Can anyone let me know the best approach or solution?

May 27th, 2015 7:00pm

1. No. MIME, AS2 and SSL/TLS have nothing to do with each other technically. The AS2 specification includes S/MIME and SSL use cases though.

2. The (1) root cert would go in the Trusted Root Certificate Authorities Store. The (2) intermediate cert would go, presumably, as I've never actually used one, in the Intermediate Certification Authorities Store. The (3) certificate would go in the Personal Store.

All of this in the Computer Certificates. You have to start with mmc.exe, then add the Certificates snap-in and choose Computer.

3. So, it's just a POX service? Meaning just a POST of XML content? If so, the Schema is all you need. There is no WSDL since it's not a SOAP Service.

May 27th, 2015 8:19pm
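
Added example (not part of the original thread): a PowerShell check, run on the BizTalk server, that the three certificates sit in the Local Computer stores named in the answer above (provider names `Root`, `CA`, `My`), and that the client certificate has a private key and chains to the root. The thumbprints are placeholders and the function name `Test-CertPlacement` is hypothetical.

```powershell
# Added example, not from the thread. Thumbprints are placeholders (assumption):
# replace them with the values shown on each certificate's Details tab.
$expected = @(
    @{ Role = 'Root';         Store = 'Root'; Thumbprint = '<ROOT-THUMBPRINT>' },
    @{ Role = 'Intermediate'; Store = 'CA';   Thumbprint = '<INTERMEDIATE-THUMBPRINT>' },
    @{ Role = 'Client';       Store = 'My';   Thumbprint = '<CLIENT-THUMBPRINT>' }
)

function Test-CertPlacement {
    param([hashtable[]]$Expected)

    foreach ($e in $Expected) {
        # Computer stores only, matching "Certificates snap-in, choose Computer".
        $path = "Cert:\LocalMachine\$($e.Store)\$($e.Thumbprint)"
        $cert = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue

        $row = [ordered]@{
            Role          = $e.Role
            Store         = "LocalMachine\$($e.Store)"
            Found         = [bool]$cert
            HasPrivateKey = $null
            ChainValid    = $null
            ChainStatus   = $null
            NotAfter      = $null
        }

        if ($cert) {
            $row.HasPrivateKey = $cert.HasPrivateKey
            $row.NotAfter      = $cert.NotAfter

            if ($e.Role -eq 'Client') {
                # A client certificate without its private key cannot be used
                # for TLS client authentication, so flag that case explicitly.
                # $true = build the chain against the machine stores.
                $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain -ArgumentList $true
                $chain.ChainPolicy.RevocationMode = 'NoCheck'   # offline check
                $row.ChainValid  = $chain.Build($cert)
                $row.ChainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','
            }
        }
        [pscustomobject]$row
    }
}

Test-CertPlacement -Expected $expected | Format-Table -AutoSize
```

A row with `Found = False` means the certificate is not in that Computer store; for the client row, `HasPrivateKey = False` or `ChainValid = False` points at the import or at a missing root/intermediate rather than at the adapter configuration.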

Thanks John...

I have implemented the option you suggested but am facing the challenge below.

In the HTTP request-response adapter configuration, we have two options for the certificate:
1. Under the Authentication tab of the configuration
2. Transport properties certificate.

In the Transport properties certificate, using the browse option I am able to see only the root and intermediate certificates. I tried to submit data using both certificates, but both are failing due to certificate not found.

May 27th, 2015 9:13pm

I hope the account you've deployed the 3 client certificates to is the Host Services Account (the account under which the Host Instance is running)?

For using HTTPS you need to use the Transport Properties and the binding should be BasicHTTP. Refer to https://msdn.microsoft.com/en-us/library/bb259952.aspx for more details pertaining to creating a send port for the said bindings.

If the vendor is not willing to share the WSDL, you may try to generate one yourself by connecting to the endpoint ?WSDL. In doing so you would be able to also work out the complexities pertaining to the various certificates. Having done that from your login account, if you do the same for the Host Instance a/c then your calls would go through.

Regards.

May 28th, 2015 12:19am

I cannot generate ?WSDL as metadata is not exposed for the service.

I am calling a service and it is request-response. Not sure if I need to configure my IIS for SSL.

I have not configured it, as I am making a request to the client service and it doesn't look logical, but I saw this in one MSDN article

under the section Configure SSL within an BizTalk adapter

Transport: Security is provided using the HTTPS transport. The SOAP messages are secured using HTTPS. To use this mode, you must set up Secure Sockets Layer (SSL) in Microsoft Internet Information Services (IIS).

http://social.technet.microsoft.com/wiki/contents/articles/18849.biztalk-and-ssl-transport.aspx#SSL_Two-way

May 28th, 2015 3:21am

What you're reading is when you're configuring a receive location. When you configure a SOAP receive location by exposing an orchestration/schema as a service then you need to enable certificates in IIS (along with the HTTPS binding and port).

Have a look at https://msdn.microsoft.com/en-us/library/bb226467.aspx - How to Configure a WCF-BasicHttp Send Port

Regards.

May 28th, 2015 3:34am

This topic is archived. No further replies will be accepted.
