Forum Discussion

Mountazar_Abou_'s avatar
Mountazar_Abou_
Icon for Cirrus rankCirrus
Oct 07, 2017

Verification failure for WS-Security

Dear all,

 

We are facing an issue with Web Services Security implementation on F5-ASM v12.1.2 by which the F5-ASM is not able to verify the WSS-request signature. The error encountered is: "Verification error, signature value is wrong".

 

However the decryption of the incoming request as well as signing the response are working fine (both related to the server certificate). Our doubt is in the imported client certificate which we tried to replace several times but to no avail. The client certificate is one that is signed itself (as certificate) using Sha256RSA and the WSS request is being signed using Sha1-RSA.

 

Kindly advise, Regards,

 

ASM Advanced WAF
security

4 Replies

Sort By
  • Mountazar_Abou_'s avatar
    Mountazar_Abou_
    Icon for Cirrus rankCirrus
    Oct 07, 2017

    Clarification: I meant, we replaced the client certificate several times (by generating new ones using different key generation tools) but the problem persisted.

     

  • Romani_2788's avatar
    Romani_2788
    Historic F5 Account
    Oct 23, 2017

    Hi Mountazar, For what you request, it is probably best handled by a Support case. I can understand how the same certificate can work for decryption/encryption and not work for signing, but investigating this aspect is involving and best handled through the Support process.

     

    -Romani.

     

  • Romani_2788's avatar
    Romani_2788
    Historic F5 Account
    Oct 23, 2017

    Hi Mountazar, For what you request, it is probably best handled by a Support case. I can understand how the same certificate can work for decryption/encryption and not work for signing, but investigating this aspect is involving and best handled through the Support process.

     

    -Romani.