I have been struggling again with the use of certificates in BizTalk. This time I wanted to call a Java service that is secured via a client certificate. No mutual SSL, no additional username/password authentication. The first step is to install the client certificate in the personal store (My) of the computer account. BizTalk host instances don’t run under the local user account, which is why you use the computer account.
In BizTalk select WCF-Custom as the send port adapter type. To configure the WCF-Custom adapter:
- On the General tab, enter the address and BTSActionMapping.
- On the Binding tab, select basicHttpBinding.
- Under Security, select Transport.
- Under Transport, select clientCredentialType=Certificate.
- On the Behavior tab, go to EndpointBehavior clientCredentials.
- Select ClientCertificate and choose FindByThumbprint in LocalMachine/My.
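
A pre-flight check for the steps above, added here as an example and not part of the original post: it performs the same FindByThumbprint lookup in LocalMachine/My and reports whether the certificate has a private key, is unexpired and allows client authentication. The parameter name is an assumption; run it in PowerShell on the BizTalk server with the thumbprint you intend to paste into the adapter.

```powershell
# Added example: verify the client certificate before configuring the send port.
param(
    [Parameter(Mandatory = $true)]
    [string]$Thumbprint   # value copied from the certificate's Details tab
)

# Thumbprints copied from the MMC snap-in often carry spaces or an invisible
# leading character; keep only hex digits so the lookup can match.
$clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
if ($clean.Length -ne 40) {
    throw "Expected a 40-hex-digit SHA-1 thumbprint, got $($clean.Length) digits."
}

# Same lookup the adapter is configured for: FindByThumbprint in LocalMachine/My.
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store('My', 'LocalMachine')
$store.Open('ReadOnly')
try {
    # $false = do not filter on validity, so expiry is reported below instead
    $found = $store.Certificates.Find('FindByThumbprint', $clean, $false)
} finally {
    $store.Close()
}

if ($found.Count -eq 0) {
    throw "No certificate with thumbprint $clean in LocalMachine\My."
}
$cert = $found[0]

# Collect the Enhanced Key Usage OIDs, if the extension is present.
$clientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication
$ekus = @($cert.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
    ForEach-Object { $_.EnhancedKeyUsages } |
    ForEach-Object { $_.Value })

[pscustomobject]@{
    Subject       = $cert.Subject
    Thumbprint    = $cert.Thumbprint   # paste this cleaned value into the adapter
    NotAfter      = $cert.NotAfter
    Expired       = (Get-Date) -gt $cert.NotAfter
    HasPrivateKey = $cert.HasPrivateKey
    # No EKU extension means the certificate is not restricted to specific purposes
    ClientAuthEku = ($ekus.Count -eq 0) -or ($ekus -contains $clientAuthOid)
}
```

A certificate that is found but reports `HasPrivateKey = False` cannot be used as the client credential.
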
Credit for this solution goes to my former colleague Pim Waaijenberg.