We have a requirement where in , i have to send a signed SOAP request with Security timestamp to the a web service hosted by our partner. I did the following:
- Added the WS Security Header handler to the WSDL in through designer
- Added the policy name and selected effective policy name - Consumer Policy for Signature,Auth
- Refreshed the WSC
- In the flow service that calls the WSC, in the following path -auth/message/serverCerts/keyStoreAlias, i gave the key store alias that we have defined in the Securiity/Keystore on the Admin page
- In the following path - auth/message/serverCerts/keyAlias, i gave the name of the actual private key in the keystore.
Still I am getting an error saying that - Signed header is required.
Am i missing something? Do i have to give the actual certificate(private key) in the keyAlias path? How do i do that?
The PDF documentation says" You can specify handling of certificate information through direct or indirect references In a direct reference, the actual certificate, or a path to the URI specifying a remote
data source containing the token element, is embedded in the SOAP header."