Friday, June 18, 2004

WSE 2.0 configuration challenge

Security is important, especially when we have a B2B scenario where sensitive information has to be sent. Not too long ago, Microsoft released the Web Service Enhancement 2.0 package(WSE 2.0). Among other features like sending attachments with SOAP messages, it enables us to sent secure SOAP messages.
The amount of code to achieve this is not too much as shown with the shipped examples, but it’s the configuration of the client and server machine what is the challenge. There is good documentation what will get you a long way. But I ran into a little issue on “How to: Make X.509 Certificates Accessible to WSE”

Give the account under which WSE is running read access to the file containing the private key associated with the X.509 certificate.
  1. Open the WSE X.509 Certificate Tool (WseCertificate2.exe)
  2. Set the certificate location and store name where the certificate is located.
  3. Click Select the certificate from the store, choose the certificate you
    want to set the permissions for, and then click OK.
  4. Click Open Private Key File Properties, click the Security tab, add the ASPNET or Network Service account, depending on which version of IIS the Web service is running under, and then select the Read option.

The missing documentation is that if the Security tab is not showing you have to make sure the following:
  1. You need the NTFS file format.
  2. Open the explorer and go to ->Folder Options, click on the View Tab, and deselect “Use simple file sharing [recommended]”

Step d. should now show the Security tab, and the Read access to the security file can
be set for the IE account (ASPNET or Network Service for IE 6.0)

No comments:

make files explained if you did not grew up with them

Here is a nice post on how to define makefiles for a go project and actually teaching you some makefile constructs: