I want BizTalk to send signed soap messages using WS-Security without encryption. My orchestration is using a dynamic send port. I have tried both, trying to configure a WCF-WSHttp Send Port like this: (temporarily altered my orchestration to use this port rather than a dynamic port) as well as doing it within my orchestration. However I only manage to get my message send out encrypted, or in plain text without being signed or encrypted.

Configuring a Send Port.

Result: Message gets encrypted:

Doing it within my Message Assignment Shape: Result: Message gets encrypted:

myMessage_Request(WCF.TransportProtectionLevel)="Sign";
myMessage_Request(WCF.MessageClientCredentialType)="Certificate";
myMessage_Request(WCF.TransportClientCredentialType)="Certificate";

myMessage_Request(WCF.OpenTimeout)= "00:10:00";
myMessage_Request(WCF.CloseTimeout)= "00:10:00";
myMessage_Request(WCF.SendTimeout)= "00:10:00";
myMessage_Request(WCF.MaxReceivedMessageSize)= 2147483647;
myMessage_Request(WCF.SecurityMode)="Message";

myMessage_Request(WCF.BindingType)="customBinding";
myMessage_Request(WCF.Action)="http://MySoapAction";
myMessage_Request(BTS.Operation)=”MySoapOperation”;
myMessage_Request(WCF.ClientCertificate)="xxxxxxxx";


myPort(Microsoft.XLANGs.BaseTypes.Address) = http(s)://targeURI
myPort(Microsoft.XLANGs.BaseTypes.TransportType) = "WCF-WSHttp";

If I change the above property WCF.TransportProtectionLevel from “Sign” to “None” the message doesn't get encrypted and also not signed.