WS-Security-Configuration issue.

Hi All

webMethods IS (7.1.2 )is consuming a webservice which is secured.

The partner has given us certificates and partner keys. The following steps have been followed

  1. Configure the CA certificate directory in Cerificates in the navigation panel.
  2. Added a webservice endpoint alias with private key and certificates properties.
  3. changed the consumer wsdl to facilitate the security requirements where we added a security handler, assigned a policy name and an endpoint alias.

I am not sure if this is the right approach, or we are missing anything , but when the webservice is called we are getting the following soap fault WS Security processing failed : Error while reading the private key/certificates from the Web service endpoint.

The above error has an obvious message, but wondering what might have been wrong with my configuration.


After configuring certificates.did you restart IS and see how it works?

Also make sure you did followed every step described in the WS Developer documentation:

“Adding an Endpoint Alias for a Consumer Web Service Descriptor”
focus mainly (HTTPTransport,WS Security properties wrt Policy File assertion and Request (Outbound Security) section in the usage/resolution order)

In Security > Certificates, set the full path of the certificates and private key.



We did restart the server. I read through the documentation thoroughly to see if I might have missed anything. We are still getting the same error.

We opened a SR with SoftwareAG to help us with this issue.

Thanks a lot again for your help

Sure…Pls let us know the outcome…



We are having different issues with configuration. We slowly narrowed down to the issue. Here are our set of issues and how we addressed them except for the last one.

  • First we did not have the fullpath of the certificates - Solution: We fixed the paths to the full path name
  • We were trying to give the host name as Integration server’s host name rather than giving the partner’s host name in the web service end point alias - Solution : We fixed this by giving the right host name and port.
  • We did not have the right certificate from the partner - Solution :Our partner provided the right certificate which works
  • Current Issue - The calls are going through now , but we are getting a soap Request does not contain required Security header: [{}Signature] Our partner says that they are not receiving the soap header properly as SAML assertions are present and Signatures are not present.

I need to find out a way to put SAML assertions . I was applying a Digitital Signature policy as the policy name after assigning the ws secuity handler in the WSDL.

Not sure what I am missing here. Any ideas ?


Looks like you made lot progress…

Plz check this article regarding SAML support comments:

I have not dealt with SAML assertions,cannot comment on this one.