This was originally posted in the Service Management community, but I didn't find a way how to cross post it to this community. So this is the same post with some new information.
CA Service Management
Team,we're implementing an integration that uses SOAP WS API that requires a certificate. I have been provided with a .pfx file and a password.I'm able to call the methods using SOAPUI without any problems using these settings (I simply point the keystore to the .pfx file and fill the correct password, nothing else was needed):
But I'm not able to make any calls in the ITPAM. I'm not sure where to put the certificate and the password in the ITPAM Invoke SOAP Method operator. I thought this is the right place, but it doesn't work...
The certificate contains only one key.
I always get an error message.SOAP invocation failed: Unable to encrypt the SOAP message.nullThe ITPAM documentation says that this should mean I have provided a bad encryption algorithm.https://techdocs.broadcom.com/us/en/ca-enterprise-software/intelligent-automation/automic-process-automation/4-3-1/reference/operators-reference/operator-overview/web-services-operators/invoke-soap-method-operator.html
I tried to let the encryption algorithm blank (in this case the algorithm should be taken from the cert) and also all combinations of the algorithms PAM provides.A friend of mine who implemented some other integrations for the same external system sent me this piece of code in Java that should do the encryption part.
X509Certificate2 cert = new X509Certificate2(System.Configuration.ConfigurationManager.AppSettings["cert_path"], System.Configuration.ConfigurationManager.AppSettings["cert_pwd"], X509KeyStorageFlags.MachineKeySet);
sd_tmcz.ClientCertificates.Add(cert);
System.Net.ServicePointManager.ServerCertificateValidationCallback = SDUtils.ValidateServerCertificate;
Do you have any idea what should be set in PAM?
Thank you so much for your suggestions,
Jakub