I am attempting to communicate with Active Directory Certificate Services (Microsoft PKI) using the new "Certificate Enrollment Service" (CES)provided in Windows 2008 Server R2, but the WSDL appears to be incomplete. Specifically, there are no "message" entries defined and the "portType" entry does not contain any operations. Here is a snippet from the WSDL in question: <?xml version="1.0" encoding="utf-8" ?> <wsdl:definitions targetNamespace="http://schemas.microsoft.com/windows/pki/2009/01/enrollment" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:tns="http://schemas.microsoft.com/windows/pki/2009/01/enrollment" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"> <wsdl:types /> <wsdl:portType name="ISecurityTokenService" /> </wsdl:definitions> Note: To get access to this WSDL I first had to enable MEX in the web.config from my "msca_CES_UsernamePassword" service (my CES service). To do this I simply uncommented the all lines that followed a line like <!-- To enable mex uncomment the following -->. Then I could acess the WSDL at the URL: https://<machine_name>/msca_CES_UsernamePassword/service.svc?wsdl When I try to use Axis2 utility wsdl2java to generate client side bindings, it fails with an error indicating that the WSDL is invalid because no operations were found in the portType element. Exception in thread "main" org.apache.axis2.wsdl.codegen.CodeGenerationException: Error parsing WSDL at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.<init>(CodeGenerationEngine.java:175) at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35) at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24) Caused by: org.apache.axis2.AxisFault: No operation found in the portType element After examining the MS-WSTEP document, I was expecting this WSDL to contain an extended version of the WS-Trust WSDL. Specifically, I was expecting the RequestSecurityToken2 operation at a minimum. Am I misunderstanding something? Have I missed a crucial configuration step? Any assistance is appreciated Note: I was able to successfully generate client bindings for the "Certificate Enrollment Policy Service" (CEP) and successfully use this service with a Java client. But, in this case, the WSDL appeared complete in that it contained the "operation" elements in the "portType" like I would expect. Here is a WSDL snippet demonstrating that: <?xml version="1.0" encoding="utf-8" ?> <wsdl:definitions targetNamespace="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:tns="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"> <wsdl:types> <xsd:schema targetNamespace="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy/Imports"> <xsd:import schemaLocation="https://cdwood-w2k8r2-msca.entrust.com/ADPolicyProvider_CEP_UsernamePassword/service.svc?xsd=xsd0" namespace="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy" /> </xsd:schema> </wsdl:types> <wsdl:message name="GetPoliciesRequest"> <wsdl:part name="parameters" element="tns:GetPolicies" /> </wsdl:message> <wsdl:message name="GetPoliciesResponse"> <wsdl:part name="parameters" element="tns:GetPoliciesResponse" /> </wsdl:message> <wsdl:portType name="IPolicy"> <wsdl:operation name="GetPolicies"> <wsdl:input wsaw:Action="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy/IPolicy/GetPolicies" name="GetPoliciesRequest" message="tns:GetPoliciesRequest" /> <wsdl:output wsaw:Action="http://schemas.microsoft.com/windows/pki/2009/01/enrollmentpolicy/IPolicy/GetPoliciesResponse" name="GetPoliciesResponse" message="tns:GetPoliciesResponse" /> </wsdl:operation> </wsdl:portType> </wsdl:definitions>

I would advice to ask this question to the windows protocols forums: http://social.msdn.microsoft.com/Forums/en-US/os_windowsprotocols/threads There you definitely will find an answer. My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com