Digitally sign Security Header in SOAP request

Sula 0 Reputation points
2023-02-22T14:44:17.1033333+00:00

What I have:
A WSDL link and a link to which I am supposed to send requests (despite the location address in WSDL being different)
What I need to create:
A SOAP based client to send requests
I created console project on .NET Framework 4.8, added the reference with WSDL and prepared data that I need to send.
Now, the documentation is very poor, barely non-existent, and some things are not explained at all (or perhaps it's my lack of experience, I've never dealt with SOAP requests before at all)
In the example requests I found I see:

  1. Signed data
  2. Signed security header

For the sake of not posting giant XML pieces here:

  1. Example request WITHOUT signed security header but with signed data, the owner of the service provided this: https://codebeautify.org/xmlviewer/y23171f51
  2. Example request WITH both signed security header and signed data: https://codebeautify.org/xmlviewer/y2304d78e

I am lost why they are different, BUT it throws an error you can see in the 1st picture
I think I can sign the data itself, but I am facing problems how to sign security header
I tried bind with security like this:

            X509Certificate2 clientCertificate = new X509Certificate2("myCert.p12", "12345", X509KeyStorageFlags.Exportable);

            WSHttpBinding binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential);
            binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

            EndpointAddress endpointAddress = new EndpointAddress(address);
            SyncChannelClient serviceClient = new SyncChannelClient(binding, endpointAddress);


            // add client certificate to the request
            serviceClient.ClientCredentials.ClientCertificate.Certificate = clientCertificate;

            serviceClient.Open();
            serviceClient.SendMessage(sendMessage);

But it was throwing an error that I must use https
I changed the address to https
Now it threw me an error:

"System.NotSupportedException: 'The private key is not present in the X.509 certificate.'"
But I am 100% it has a private key, I checked it both with the "hasPrivateKey()" method and in MMC

I googled everything I could but couldn't solve the problem.
So now I am completely lost on to how to deal with this, I even tried to contact the developers of the service but to no avail their email was deleted because all my emails didn't reach them.
For additional information, the client for whom I am developing the client provided me with username and password, and yes I tried to use them as a means to secure the request, but it also didn't work.

.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,261 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,218 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,093 questions
{count} votes