Hi,

I am trying to invoke WCF web service from BizTalk Server. I have client certificate provided but I am not able to understand how to configure service certificate for WCF -BasicHttp adapter.

Can anybody explain me use of Service Certificate? What is default certificate store location for service certificate? I got stuck because of this and getting below error,

System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://ivi.gatrdwa.nl/iviservice. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.

   at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)

   at System.Net.PooledStream.EndWrite(IAsyncResult asyncResult)

   at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)

   --- End of inner exception stack trace ---

   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)

   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)

Please let me know if anybody has faced such type of issue.

Thanks in advance.

Hi,

Follow below steps to configure SSL certificate for BizTalk,

Certificate Installation for BizTalk

• Login on BizTalk server using BizTalk Server Host Instance
• Open Certificate Manager using MMC command on Run
• Select File menu  Add/ Remove Snapin / ctrl+m
• Select Certificate from Available Snap-In and add it to Selected Snap-ins
• In new window, import certificates for Trusted Root Certification Authorities appearing under Console Root

Best Practice to restart BizTalk Host Instance

Certificate Configuration

• BizTalk Host Properties Select Certificate
• BizTalk Group Properties Select Certificate

This get you Certificate for Receive Port and Send Port

Regards

K

Hi ,

I think it is much more related to WCF service configuration . I would suggest to look into below post

https://social.msdn.microsoft.com/Forums/en-US/b2a93d89-220c-4acf-b4f1-d3c17f4abff2/server-certificate-is-not-configured-properly-with-httpsys-in-the-https-case?forum=wcf

But for reason why you are trying to use certificate for Basic http binding. I would suggest for certificate authentication you should use https binding .

Thanks

Abhishek

Hi Abhishek,

I am using binding file generated by consuming WCF web service WSDL. And by default is using WCF-BasicHttp adapter. Also I have configured appropriate client certificate and server certificate.

The link provided by you suggest the changes when we are doing .NET coding.  Can you please explain how to do same in BizTalk?

Thanks & Regards

Renu

• Edited by BizTalk_Renu 20 hours 1 minutes ago

Hi,

Not to barge in :), there are atleast couple of ways to do it,

1. Within BizTalk Adapter- Change the adapter to wcf-wshttp instead of wcf-basichttp - this will help when the requirement is to change the service behavior (as mentioned by the thread above)

2. With Security setting on message - There are several options here because security setting on the message can be vary per service, this information will be in the generated binding file. As always more steps will be involved as the Transport credential type varies 

Regards

K