Using Client Authentication Certificate Mapping with SSL, WsHttp in BizTalk
June 20th, 2009 | Published in BizTalk Tips
I had to go through several Blogs and spend several hours trying to configure my BizTalk project to use Client Certificate Mapping, SSL, and WsHttp Adapter.
These are the steps that were needed to make this combination work:
1. Enable Anonymous Access in IIS for the Web Site
2. Setup Certificate Mapping in IIS
3.Enable “Require SSL”
4. Edit the Web.Config file and make sure that the System.ServiceModel looks like this:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name=”CertificateWithTransport”>
<security mode=”Transport”>
<transport clientCredentialType=”Certificate” />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name=”ServiceBehaviorConfiguration”>
<serviceDebug httpHelpPageEnabled=”false” httpsHelpPageEnabled=”true” includeExceptionDetailInFaults=”true” />
<serviceMetadata httpGetEnabled=”false” httpsGetEnabled=”true” />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<!– Note: the service name must match the configuration name for the service implementation. –>
<service name=”Microsoft.BizTalk.Adapter.Wcf.Runtime.BizTalkServiceInstance” behaviorConfiguration=”ServiceBehaviorConfiguration”>
<!–<endpoint name=”HttpMexEndpoint” address=”mex” binding=”mexHttpBinding” bindingConfiguration=”” contract=”IMetadataExchange” />–>
<!–<endpoint name=”HttpsMexEndpoint” address=”mex” binding=”mexHttpsBinding” bindingConfiguration=”” contract=”IMetadataExchange” />–>
<endpoint name=”HttpsMexEndpoint” address=”mex” binding=”wsHttpBinding” bindingConfiguration=”CertificateWithTransport” contract=”IMetadataExchange” />
</service>
</services>
</system.serviceModel>
5. In the BizTalk Adapter Settings, make sure that you select “Transport” and “Certificate”.
