I am trying to utilize the "Require ws-security signature credentials" assertion to obtain a cert from a ws-security header in a request. I am currently getting the following error:
Does anybody have some ideas to resolve or do I need to include some additional assertions?
This error means that the message has been modified since it was signed so the Gateway is unable to validate the signature of the message. If you just need the certificate then you could XPath out the certificate element but it would not provide you with a security layer.