WSE 3.0 Trust chain error - how do i view what certificate is being sent back? I want to know what cert has the trust chain error

I'm having a trust chain error when I receive my response in WSE 3.0.

Their cert is fine when I grab the WSDL. Their cert is fine when I connect. It likes my public cert when I send the XML request.

What WSE doesn't like is the token in the response. Microsoft.Web.Service3 calls getelement, then loadbinarysecuritytok开发者_JAVA百科en, but then checks the chain and doesn't like what it sees.

I'd like to know what token it doesn't like. I'm not sure how to see what the token is. It's binary data so HttpAnalyzer doesn't help much.

I can't fix the issue until I have full knowledge of what's wrong. Are they sending me the wrong cert? Is it just a cert I don't have and need to add to my personal trust? What?

You must know which certificates are involved right? Usually a client certificate and a server certificate. It sounds to me as if the the client cannot validate the server certificate that was used to sign the message the client receives. If you are using self signed certificates then you should try to add that certificate to the trusted root CA's certificate folder on the client machine. If your client is a service then you have to put it under LocalMachine (assuming the service is running as Network Service) otherwise put it under CurrentUser. Hope this points you in the right direction.