WCF client initiate secure connection to SOAP server through WSDL. Log show that WS-security autorisation was fine, and SOAP server correctly respond, but client drops connection because response was unsecure. Since I don't have access to client environment I need help to fix that issue on server side. What additional headers should I add to response?
Server have certificate, client have a key.
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken">
<wsp:ExactlyOne>
<wsp:All>
<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Request header:
<?xml version="1.0" encoding="UTF-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2019-02-14T18:30:07.568Z</u:Created>
<u:Expires>2019-02-14T18:35:07.568Z</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="xxx" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<o:Username>user</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">xxx</o:Password>
<o:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">xxx</o:Nonce>
<u:Created>2019-02-14T18:30:07.568Z</u:Created>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<isSystemListening xmlns="urn:xxx"/>
</s:Body>
</s:Envelope>
Response header:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns2="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#PasswordDigest" xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#Base64Binary" xmlns:ns5="urn:xxx">
<SOAP-ENV:Header>
<ns1:Security SOAP-ENV:mustUnderstand="1" SOAP-ENV:actor="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<ns1:Timestamp>
<Created>2019-02-14T18:30:07Z</Created>
<Expires>2019-02-14T18:35:07Z</Expires>
</ns1:Timestamp>
<ns2:UsernameToken>
<ns2:Username xsi:type="ns1:string">user</ns2:Username>
<ns1:Password xsi:type="ns3:string">xxx</ns1:Password>
<ns1:Nonce xsi:type="ns4:string">xxx</ns1:Nonce>
<ns2:Created xsi:type="ns1:string">2019-02-14T18:30:07.568Z</ns2:Created>
</ns2:UsernameToken>
</ns1:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<ns5:isSystemListeningResponse>
<isUp>true</isUp>
</ns5:isSystemListeningResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Whatever client get error
Communications error occurred: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security.