I need to implement a WCF request with WS-Security. The header must have these tags (Signature, UsernameToken and Timestamp) as shown below:
<soapenv:Header>
<wsse:Security>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...
<wsse:UsernameToken wsu:Id="UsernameToken-DCF9C511">...
<wsu:Timestamp wsu:Id="TS-DCF9C5119CC59E9AE2159888852210410">...
</wsse:Security>
</soapenv:Header>
I've tried with this code, and I get "Signature" and "TimeStamp" tags in header but the "UsernameToken" tag is not present:
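// Accepts any server certificate: this callback disables TLS server certificate validation for the whole process.
System.Net.ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);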
Servicio.RecaudoWSPortClient client = new Servicio.RecaudoWSPortClient();
X509Certificate2 cert = new X509Certificate2();
cert.Import(@"C:\Users\jdduitama\Desktop\SCRIPTS\bis\Certificado\PKCS C#\PRUEBA.pfx", "PRUEBA", X509KeyStorageFlags.DefaultKeySet);
X509Certificate2 cert2 = new X509Certificate2();
cert2.Import(@"C:\Users\jdduitama\Desktop\SCRIPTS\bis\Certificado\Certificado.cer", "", X509KeyStorageFlags.DefaultKeySet);
TextMessageEncodingBindingElement textEncoding = new TextMessageEncodingBindingElement { MessageVersion = MessageVersion.Soap11 };
HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement { RequireClientCertificate = true };
TransportSecurityBindingElement sec = SecurityBindingElement.CreateCertificateOverTransportBindingElement();
sec.EnableUnsecuredResponse = true;
CustomBinding customBinding = new CustomBinding(sec, textEncoding, httpsTransport);
client.Endpoint.Binding = customBinding;
client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.PeerOrChainTrust;
client.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.Offline;
client.ClientCredentials.ServiceCertificate.DefaultCertificate = cert2;
client.ClientCredentials.ClientCertificate.Certificate = cert;
client.Endpoint.Address = new System.ServiceModel.EndpointAddress("https://myservice.com/service");
client.Endpoint.Binding.SendTimeout = new TimeSpan(0, 0, 30);
client.ClientCredentials.UserName.UserName = "USERNAME";
client.ClientCredentials.UserName.Password = "PASSWORD";
responseConsulta = client.ConsultaPorValidacion(requestConsulta);
What I have tried:
I think the solution should be in the binding security configuration:
SecurityBindingElement.CreateCertificateOverTransportBindingElement();
Because if I use security mode "TransportWithMessageCredential" in config I get the usernameToken in the Header but I lose "Signature" and "TimeStamp".
<binding name="RecaudoWSPortSoap11">
<security mode="TransportWithMessageCredential" />
</binding>
Please help me, I just need to have these three tags in Header (Signature, Timestamp, UsernameToken) :'(
Thank you so much.
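One way to configure the binding so that all three elements are emitted, as an added example that is not part of the original post: the certificate-over-transport element from the question gets a username token added as a further supporting token. The class name `RecaudoBindingFactory` is hypothetical, and whether the service accepts this token layout is an assumption to verify against its policy.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security.Tokens;

// Hypothetical helper (name chosen for this example only).
static class RecaudoBindingFactory
{
    public static CustomBinding Create()
    {
        // Same starting point as the question: the client X.509 certificate
        // is an endorsing supporting token over HTTPS, which is what yields
        // the Signature and Timestamp elements in the Security header.
        TransportSecurityBindingElement sec =
            SecurityBindingElement.CreateCertificateOverTransportBindingElement();
        sec.EnableUnsecuredResponse = true;
        sec.IncludeTimestamp = true; // default, stated explicitly

        // Add a second supporting token. WCF fills it from
        // ClientCredentials.UserName and serializes it as wsse:UsernameToken.
        // The token is not message-encrypted here; it relies on the HTTPS
        // transport, so server certificate validation must stay enabled
        // (no ServerCertificateValidationCallback that returns true).
        sec.EndpointSupportingTokenParameters.SignedEncrypted.Add(
            new UserNameSecurityTokenParameters());

        var textEncoding = new TextMessageEncodingBindingElement
        {
            MessageVersion = MessageVersion.Soap11
        };
        var httpsTransport = new HttpsTransportBindingElement
        {
            RequireClientCertificate = true
        };

        return new CustomBinding(sec, textEncoding, httpsTransport)
        {
            SendTimeout = TimeSpan.FromSeconds(30)
        };
    }
}

// Usage with the generated proxy from the question:
//   client.Endpoint.Binding = RecaudoBindingFactory.Create();
//   client.ClientCredentials.ClientCertificate.Certificate = cert;
//   client.ClientCredentials.UserName.UserName = "USERNAME";
//   client.ClientCredentials.UserName.Password = "PASSWORD";
```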