Soap UI - Сбой проверки подписи при попытке выполнить soap запрос

Question

Я пытаюсь выполнить запрос soap через SoapUI, он не выполняется из-за сбоя проверки безопасности. Тот же запрос работает в коте. Я уже сравниваю запрос, я не могу найти то, что мне не хватает. Ниже приведен ответ на запрос по SoapUI.

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
   <s:Header>
      <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
   </s:Header>
   <s:Body>
      <s:Fault>
         <s:Code>
            <s:Value>s:Sender</s:Value>
            <s:Subcode>
               <s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value>
            </s:Subcode>
         </s:Code>
         <s:Reason>
            <s:Text xml:lang="en-US">An error occurred when verifying security for the message.</s:Text>
         </s:Reason>
      </s:Fault>
   </s:Body>
</s:Envelope>

Рабочий запрос по Tomcat

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Header>
      <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-XXXXXX-XXXXX-XXXXX-XXXXX-XXXXX">xxxxxxxx=</wsse:BinarySecurityToken>
         <wsu:Timestamp wsu:Id="TS-98a5d5a6-xxxx-xxxx-xxxx-XXXXXX">
            <wsu:Created>2020-01-09T07:51:06.290Z</wsu:Created>
            <wsu:Expires>2020-01-09T07:56:06.290Z</wsu:Expires>
         </wsu:Timestamp>
         <ds:Signature Id="SIG-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces PrefixList="soap" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
               </ds:CanonicalizationMethod>
               <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <ds:Reference URI="#TS-98a5d5a6-xxxx-xxxx-xxxx-XXXXX">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="wsse soap" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                     </ds:Transform>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                  <ds:DigestValue>XXXXXX/XXXXXX+XXXX=</ds:DigestValue>
               </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>xxxxx/xxxx+/xxxx/x+xxx+XXXXX+xx+xx==</ds:SignatureValue>
            <ds:KeyInfo Id="KI-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx">
               <wsse:SecurityTokenReference wsu:Id="STR-XXXXXX-XXXXXX-XXXXX-XXXXXX-XXXXXX">
                  <wsse:Reference URI="#X509-XXXXX-XXXXX-XXXXX-XXXX-XXXXX" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <ns2:GetDependent xmlns="http://services.lh1ondemand.com/hix/datacontract/v1.0" xmlns:ns2="http://services.lh1ondemand.com/hix/servicecontract/v1.0" xmlns:ns3="http://schemas.microsoft.com/2003/10/Serialization/">
         <ns2:dependentRequest>
            <DependentKey>
               <AdministratorAlias>xxx</AdministratorAlias>
               <ConsumerIdentifier>xxxxx</ConsumerIdentifier>
               <DependentIdentifier xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
               <EmployerCode>xxxxx</EmployerCode>
            </DependentKey>
            <MessageId>eb4483c8-29f1-4bb6-b967-03e71097ae19</MessageId>
         </ns2:dependentRequest>
      </ns2:GetDependent>
   </soap:Body>
</soap:Envelope>

Неудачный запрос по SoapUI

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:v1="http://services.lh1ondemand.com/hix/servicecontract/v1.0" xmlns:v11="http://services.lh1ondemand.com/hix/datacontract/v1.0">
   <soap:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-XXXXXXXXXX">XXXXXXX</wsse:BinarySecurityToken>
         <ds:Signature Id="SIG-XXXXXXX" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <ec:InclusiveNamespaces PrefixList="soap v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
               </ds:CanonicalizationMethod>
               <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <ds:Reference URI="#TS-8D43DFED2BF5E6BCDC1578638XXXXXXXXXX">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="wsse soap v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                     </ds:Transform>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                  <ds:DigestValue>XXXXX/XXXXXXX=</ds:DigestValue>
               </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>XXXXXX==</ds:SignatureValue>
            <ds:KeyInfo Id="KI-XXXXXXXXXXXXXX">
               <wsse:SecurityTokenReference wsu:Id="STR-XXXXXXXXX">
                  <wsse:Reference URI="#X509-XXXXXXXX" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
         <wsu:Timestamp wsu:Id="TS-8D43DFED2BF5E6BCDC1578638XXXXXXXXXX">
            <wsu:Created>2020-01-10T06:48:08.045Z</wsu:Created>
            <wsu:Expires>2020-01-10T08:11:28.045Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <ns2:GetDependent xmlns="http://services.lh1ondemand.com/hix/datacontract/v1.0" xmlns:ns2="http://services.lh1ondemand.com/hix/servicecontract/v1.0" xmlns:ns3="http://schemas.microsoft.com/2003/10/Serialization/">
         <ns2:dependentRequest>
            <DependentKey>
               <AdministratorAlias>xxx</AdministratorAlias>
               <ConsumerIdentifier>xxxx</ConsumerIdentifier>
               <DependentIdentifier xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
               <EmployerCode>xxxxx</EmployerCode>
            </DependentKey>
            <MessageId>0730e3b9-6bda-408f-9865-a0e27d3f33cb</MessageId>
         </ns2:dependentRequest>
      </ns2:GetDependent>
   </soap:Body>
</soap:Envelope>

Я уже сравнил оба запроса и не смог увидеть разницу, кроме порядка тегов, таких как timestamp, binarysecuritytoken. Я импортировал хранилище ключей в свой soap интерфейс, а также добавил подпись и метку времени

Исходящий WS-Security

Пожалуйста, подскажите, что мне здесь не хватает. Любые предложения будут полезны.

Спасибо