How to sign a SOAP request with WCF

I have an 3rd party SOAP web service. I need to ma开发者_开发技巧ke a call to one of its methods. The request needs to be signed. How can I sign the request?

I assume by signing you mean that you sign the message using a certificate that is installed on the client side.

Doing this is relatively easy in WCF. Assuming you are using the wsHttpBinding in the security element you have to set the mode to SecurityMode.Message. You also have to set the clientCredentialType of the message element to MessageCredentialType.Certificate.

Then, you would have to set up a endpoint behavior and configure the clientCertificate element (which is a child of the clientCredentials element) to indicate where the client certificate is stored.

Even if you aren't using the wsHttpBinding, the configuration is pretty much the same for most of the other bindings when you want to use a client certificate to provide message-level security.

If you are making the call over HTTPS, then note that you will have to set the mode attribute on the security element to Mode.TransportWithMessageCredential.

The following is a question that was asked about using WCF to use the Amazon SOAP service which requires signing. I think the answer gives a great example, which might help with your situation.

How to sign an Amazon web service request in .NET with SOAP and without WSE

Edit: There was evidently some confusion about the link to this other StackOverflow question. I would like to point out the highest voted chosen answer. It is most definitely a WCF solution. You will notice the class SigningMessageInspector which inherits from IClientMessageInspector (a WCF interface). I think this section might help you.

Building on the very helpful answer from @casperOne I ended up with the following config:

<configuration>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.2" />
    </startup>

  <system.serviceModel>
    <bindings>    
      <wsHttpBinding>
        <binding>
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="Certificate" />
          </security>          
        </binding>               
      </wsHttpBinding>
    </bindings>
    <client>
      <!-- specifies the endpoint to use when calling the service -->
      <endpoint address="https://SomeEndPointUrl/v1"
          binding="wsHttpBinding"
          behaviorConfiguration="SigningCallback"
          contract="ServiceReference1.EboxMessagePortType" name="MyBindingConfig">
      </endpoint>
    </client>

    <behaviors>
      <endpointBehaviors>
        <behavior name="SigningCallback">
          <clientCredentials>
            <clientCertificate findValue="*somecertsubjectname*"
                storeLocation="LocalMachine"
                storeName="TrustedPublisher"
                x509FindType="FindBySubjectName"
                />
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>        
  </system.serviceModel>
</configuration>

This for a soap client over https