FIX: AS2 message signing fails with error or contains two signatures for one message with SHA256 signing algorithm in BizTalk Server

Applies to: BizTalk Server 2016 BranchBizTalk Server 2016 DeveloperBizTalk Server 2016 Enterprise

Symptoms


When you configure a BizTalk application to use the SHA256 signing algorithm of Applicability Statement 2 (AS2) messages in Microsoft BizTalk Server, you may notice an unexpected behavior that one AS2 message contains two signatures, or you may receive an error message that resembles the following:

Error details: There was a failure executing the send pipeline: "Microsoft.BizTalk.EdiInt.DefaultPipelines.AS2Send, Microsoft.BizTalk.Edi.EdiIntPipelines, Version=3.0.1.0, Culture=neutral, PublicKeyToken=TokenID" Source: "AS2 encoder" Send Port: PortID URI: FilePath Reason: The MIME encoder failed to sign the message because the certificate has private key protection turned on or the private key does not exist

Resolution


This issue is fixed in the following cumulative update for BizTalk Server:

       Cumulative Update 4 for Microsoft BizTalk Server 2016

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


For information about the service packs and cumulative update list for BizTalk Server, click the following article number to view the article in the Microsoft Knowledge Base:

2555976 Service pack and cumulative update list for BizTalk Server

For more information about BizTalk Server hotfixes, click the following article number to view the article in the Microsoft Knowledge Base:

2003907 Information about BizTalk hotfixes and Service Pack support