locked
Microsoft msProvisionNetworks API always shows Signature is Invalid..! RRS feed

  • Question

  • Hi All,

    Recently, I tried to create & install Wi-Fi profile using msProvisionNetworks  API. But its always shows signature invalid error. I generated the Test Certificate using windows PowerShell and created my Wi-Fi profile xml. But also shows the same error. Please advice. I can't create the open network also.

    msProvisionNetworks Reference URL : https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/platform-apis/dn529170(v=vs.85)

    Signature Elements Creation Reference URL : https://docs.microsoft.com/en-us/windows-hardware/drivers/mobilebroadband/account-provisioning#powershell-provisioningtesthelper-module

    Profile XML:

    <?xml version="1.0" encoding="UTF-8"?>
     <CarrierProvisioning xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.microsoft.com/networking/CarrierControl/v1">
         <Global>
             <CarrierId>{guid}</CarrierId>
             <SubscriberId>1234567890</SubscriberId>
         </Global>
         <WLANProfiles>
             <WLANProfile xmlns="http://www.microsoft.com/networking/CarrierControl/WLAN/v1">
                 <name>{Name}</name>
                 <SSIDConfig>
                     <SSID>
                         <name>{SSID}</name>
                     </SSID>
                 </SSIDConfig>
                 <Hotspot2>
                     <DomainName>{Domain Name}</DomainName>
                     <NAIRealm>
                         <name>{Realm}</name>
                     </NAIRealm>
                 </Hotspot2>
                 <MSM>
                     <security>
                         <authEncryption>
                             <authentication>WPA2</authentication>
                             <encryption>AES</encryption>
                             <useOneX>true</useOneX>
                         </authEncryption>
                         <OneX xmlns="http://www.microsoft.com/networking/OneX/v1">
                             <authMode>user</authMode>
                             <EAPConfig>
                                 <EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
                                     <EapMethod>
                                         <Type xmlns="http://www.microsoft.com/provisioning/EapCommon">21</Type>
                                         <VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId>
                                         <VendorType xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType>
                                         <AuthorId xmlns="http://www.microsoft.com/provisioning/EapCommon">311</AuthorId>
                                     </EapMethod>
                                     <Config xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
                                         <EapTtls xmlns="http://www.microsoft.com/provisioning/EapTtlsConnectionPropertiesV1">
                                             <ServerValidation>
                                                 <ServerNames />
                                                 <TrustedRootCAHash>0D 99 D6 24 24 11 5F DC 08 4B E2 34 87 B8 E6 71 35 A9 3E 55</TrustedRootCAHash>
                                                 <DisablePrompt>false</DisablePrompt>
                                             </ServerValidation>
                                             <Phase2Authentication>
                                                 <PAPAuthentication />
                                             </Phase2Authentication>
                                             <Phase1Identity>
                                                 <IdentityPrivacy>true</IdentityPrivacy>
                                                 <AnonymousIdentity>anonymous</AnonymousIdentity>
                                             </Phase1Identity>
                                         </EapTtls>
                                     </Config>
                                 </EapHostConfig>
                             </EAPConfig>
                         </OneX>
                         <EapHostUserCredentials xmlns="http://www.microsoft.com/provisioning/EapHostUserCredentials" xmlns:eapCommon="http://www.microsoft.com/provisioning/EapCommon" xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapMethodUserCredentials">
                             <EapMethod>
                                 <eapCommon:Type>21</eapCommon:Type>
                                 <eapCommon:AuthorId>311</eapCommon:AuthorId>
                             </EapMethod>
                             <Credentials xmlns="http://www.microsoft.com/provisioning/EapHostUserCredentials">
                                 <EapTtls xmlns="http://www.microsoft.com/provisioning/EapTtlsUserPropertiesV1">
                                     <Username>{username}</Username>
                                     <Password>{password}</Password>
                                 </EapTtls>
                             </Credentials>
                         </EapHostUserCredentials>
                     </security>
                 </MSM>
             </WLANProfile>
         </WLANProfiles>
         <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>HenJhBpcaIG0KdmF71ZIz1PaOzw=</DigestValue></Reference></SignedInfo><SignatureValue>lMwOvkSVPT7pQTptdpe61SpMR0v7R8Cb1utKVcxzCBVNw/fVdUDrTTrgL7hvIug4JMT6sDV3cZszLz5L8w7UUL85lFzsNEJG3pgQalvTUjzF/6EaHqhF9DGZViRf+aIe5E5c2IjE3wKh90RzpDXdrIsNyjnvTh3lIVjTjLpqItR3qbeipsU6w2WqR2/qPgJVGHLO6Cn6oH/RoX0gQsr0NoExf7+rEuyOcsisAzgQtHeJ/zkB9PD+Niui21g740TZpTpsOaO2egm2ocQO/mIKmVyYzohvS3ko/JBxWQ6UHgeFOex5x7lOcP9RVq3PtCuerFPuXLjWrJRFwnf0BilPZA==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDnjCCAoagAwIBAgIQyg+pMzqS1INA8rrAmI/+iDANBgkqhkiG9w0BAQUFADBXMVUwFwYDVQQLHhAAVwBpAG4AZABvAHcAcwAAMBsGA1UECh4UAE0AaQBjAHIAbwBzAG8AZgB0AAAwHQYDVQQDHhYAVABlAHMAdABFAFYAUgBvAG8AdAAAMB4XDTE5MTExMjA2NDgzM1oXDTIxMTExMjA2NDgzM1owTzFNMBUGA1UEAx4OAFQAZQBzAHQARQBWAAAwFwYDVQQLHhAAVwBpAG4AZABvAHcAcwAAMBsGA1UECh4UAE0AaQBjAHIAbwBzAG8AZgB0AAAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHHj8wXzDEi0Z5kHdm7Yfsgn1x9RB+0If5M9Y7+QQUd1pqoOm12aOuimD3k7FsUsXNpGfphSlH/JgTd3snwhvXb5YXFp/aIexTgLvJvhMRVmgZFNsD9wxx+e76iAyO0ZmodYiyTFQy90z7zGAmjygx7P8bSLVYVehrCDWsZZ1UIDoLvOzFWTj6Ls9ST2JmtWOkmOPIkjQ4rmk0ss6hvDbgLa2dYOG4AZIm+ahwVA7jGPJzU7sSj0kj4z0qvaIq8bQC2U/yfGpNS/lVBTwHQDbRFubxzcWulDPVL0gc39aE2vj8n3IkbYNzd7uoSNnYUvFC6dOEmtsDBU9jPpMbQ969AgMBAAGjbjBsMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMEwGA1UdIAEB/wRCMEAwPgYIKgMEBQYHCAkwMjAwBggrBgEFBQcCAR4kAGgAdAB0AHAAOgAvAC8AZgBvAG8ALgBjAG8AbQAvAGMAcABzMA0GCSqGSIb3DQEBBQUAA4IBAQB11ssuKdNKmA++khd2jREEntOzg1+7VrWnIIurXbxzMx6XW82NDX3K+uYltxKdOY3567MwRlqzzCH+07D/YXo+1Ctw8i1J5f4Don3osFOkbz2loqC/IjUkr6SikDqYaeTTlx/6PHixsNAGn+6+EVurK3SXmS/6saKHs4KLVhT6WHk5TDE4WC1+nvrSa9f2fKHgPmCe5EIdA0aFOkibZeiZnKv/3eTA3QhKR9x6fhuzYgbyRUhscZ80+F+NakFSMa5t4Pw3aTYenet1E700+kXA/Cd7jy3bCmbCvZF4DLy6sLHdD/3mUgCmA8ZqnD204sszDll6b+EE+Lzz6uVzGIqo</X509Certificate></X509Data></KeyInfo></Signature>
     </CarrierProvisioning>


    Wednesday, November 18, 2020 8:10 AM

Answers

All replies