Verification failure for WS-Security

Question

Dear all,&nbsp;
We are facing an issue with Web Services Security implementation on F5-ASM v12.1.2 by which the F5-ASM is not able to verify the WSS-request signature. The error encountered is:
"Verification error, signature value is wrong".&nbsp;
However the decryption of the incoming request as well as signing the response are working fine (both related to the server certificate).
Our doubt is in the imported client certificate which we tried to replace several times but to no avail.
The client certificate is one that is signed itself (as certificate) using Sha256RSA and the WSS request is being signed using Sha1-RSA.&nbsp;
Kindly advise,
Regards,&nbsp;

mountazar_abou_ · Answer

Clarification: I meant, we replaced the client certificate several times (by generating new ones using different key generation tools) but the problem persisted.&nbsp;

mountazar_abou_ · Answer

Anybody ?&nbsp;

romani_2788 · Answer

Hi Mountazar, 
For what you request, it is probably best  handled by a Support case.
I can understand how the same certificate can work for decryption/encryption and not work for signing, but investigating this aspect is involving and best handled through the Support process.&nbsp;
-Romani.&nbsp;

romani_2788 · Answer

Hi Mountazar, 
For what you request, it is probably best  handled by a Support case.
I can understand how the same certificate can work for decryption/encryption and not work for signing, but investigating this aspect is involving and best handled through the Support process.&nbsp;
-Romani.&nbsp;

Forum Discussion

Verification failure for WS-Security

Recent Discussions

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Related Content

SSL Bridging verification

WS-Security v1.1 approved

Google Authenticator Token Verification iRule For APM

OS version verification

Monitoring Failure OAuth request

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS